Loading Documentation/networking/ip-sysctl.txt +5 −0 Original line number Diff line number Diff line Loading @@ -883,6 +883,11 @@ ip_unprivileged_port_start - INTEGER Default: 1024 reserved_port_bind - BOOLEAN If set, allows explicit bind requests to applications requesting any port within the range of ip_local_reserved_ports. Default: 1 ip_nonlocal_bind - BOOLEAN If set, allows processes to bind() to non-local IP addresses, which can be quite useful - but may break some applications. Loading include/net/ip.h +2 −0 Original line number Diff line number Diff line Loading @@ -330,6 +330,8 @@ static inline int inet_prot_sock(struct net *net) __be32 inet_current_timestamp(void); extern int sysctl_reserved_port_bind; /* From inetpeer.c */ extern int inet_peer_threshold; extern int inet_peer_minttl; Loading net/ipv4/af_inet.c +2 −0 Original line number Diff line number Diff line Loading @@ -138,6 +138,8 @@ static inline int current_has_network(void) } #endif int sysctl_reserved_port_bind __read_mostly = 1; /* The inetsw table contains everything that inet_create needs to * build a new socket. */ Loading net/ipv4/inet_connection_sock.c +7 −0 Original line number Diff line number Diff line Loading @@ -305,6 +305,13 @@ int inet_csk_get_port(struct sock *sk, unsigned short snum) head = &hinfo->bhash[inet_bhashfn(net, port, hinfo->bhash_size)]; spin_lock_bh(&head->lock); if (inet_is_local_reserved_port(net, snum) && !sysctl_reserved_port_bind) { ret = 1; goto fail_unlock; } inet_bind_bucket_for_each(tb, &head->chain) if (net_eq(ib_net(tb), net) && tb->port == port) goto tb_found; Loading net/ipv4/sysctl_net_ipv4.c +7 −0 Original line number Diff line number Diff line Loading @@ -682,6 +682,13 @@ static struct ctl_table ipv4_net_table[] = { .mode = 0644, .proc_handler = proc_do_large_bitmap, }, { .procname = "reserved_port_bind", .data = &sysctl_reserved_port_bind, .maxlen = sizeof(int), .mode = 0644, .proc_handler = proc_dointvec }, { .procname = "ip_no_pmtu_disc", .data = &init_net.ipv4.sysctl_ip_no_pmtu_disc, Loading Loading
Documentation/networking/ip-sysctl.txt +5 −0 Original line number Diff line number Diff line Loading @@ -883,6 +883,11 @@ ip_unprivileged_port_start - INTEGER Default: 1024 reserved_port_bind - BOOLEAN If set, allows explicit bind requests to applications requesting any port within the range of ip_local_reserved_ports. Default: 1 ip_nonlocal_bind - BOOLEAN If set, allows processes to bind() to non-local IP addresses, which can be quite useful - but may break some applications. Loading
include/net/ip.h +2 −0 Original line number Diff line number Diff line Loading @@ -330,6 +330,8 @@ static inline int inet_prot_sock(struct net *net) __be32 inet_current_timestamp(void); extern int sysctl_reserved_port_bind; /* From inetpeer.c */ extern int inet_peer_threshold; extern int inet_peer_minttl; Loading
net/ipv4/af_inet.c +2 −0 Original line number Diff line number Diff line Loading @@ -138,6 +138,8 @@ static inline int current_has_network(void) } #endif int sysctl_reserved_port_bind __read_mostly = 1; /* The inetsw table contains everything that inet_create needs to * build a new socket. */ Loading
net/ipv4/inet_connection_sock.c +7 −0 Original line number Diff line number Diff line Loading @@ -305,6 +305,13 @@ int inet_csk_get_port(struct sock *sk, unsigned short snum) head = &hinfo->bhash[inet_bhashfn(net, port, hinfo->bhash_size)]; spin_lock_bh(&head->lock); if (inet_is_local_reserved_port(net, snum) && !sysctl_reserved_port_bind) { ret = 1; goto fail_unlock; } inet_bind_bucket_for_each(tb, &head->chain) if (net_eq(ib_net(tb), net) && tb->port == port) goto tb_found; Loading
net/ipv4/sysctl_net_ipv4.c +7 −0 Original line number Diff line number Diff line Loading @@ -682,6 +682,13 @@ static struct ctl_table ipv4_net_table[] = { .mode = 0644, .proc_handler = proc_do_large_bitmap, }, { .procname = "reserved_port_bind", .data = &sysctl_reserved_port_bind, .maxlen = sizeof(int), .mode = 0644, .proc_handler = proc_dointvec }, { .procname = "ip_no_pmtu_disc", .data = &init_net.ipv4.sysctl_ip_no_pmtu_disc, Loading
