
rand_tcp_src_ports isn't working?

Posted: Sun Sep 01, 2002 4:51 pm
by AverageUser
I'm just getting started with grsecurity-1.9.6-2.4.19.patch.gz and I've come across a problem: Setting rand_tcp_src_ports to 1 seems to do nothing on my machine. It still appears to be generating source port numbers sequentially:

[root@host /proc/sys/kernel/grsecurity]# echo 1 > rand_tcp_src_ports
[root@host /proc/sys/kernel/grsecurity]# cat rand_tcp_src_ports
1
[root@host /proc/sys/kernel/grsecurity]# ssh otherhost 'echo $SSH_CLIENT'
192.168.0.1 32797 22
[root@host /proc/sys/kernel/grsecurity]# ssh otherhost 'echo $SSH_CLIENT'
192.168.0.1 32798 22
[root@host /proc/sys/kernel/grsecurity]# ssh otherhost 'echo $SSH_CLIENT'
192.168.0.1 32799 22


(Notice 32797, 32798, 32799...)

Am I missing something...?

Posted: Sun Sep 01, 2002 6:26 pm
by spender
Looks like the Linux developers have added some more bloat. Apparently they just switched the function they were using to determine the port for connect to another function, which is basically a duplicate of half of the code in the old function. The problem is fixed in the current CVS. Thanks for pointing that out.

-Brad
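
The check done by hand with ssh in the first post can be automated. The following is an added example, not code from either poster or from grsecurity: it samples the source ports the kernel assigns to outgoing loopback connections and reports how many consecutive samples differ by a small fixed step. The function names, the 0.8 threshold and the SCATTERED sample are assumptions made for illustration.

```python
import socket

def sample_source_ports(count=20):
    """Open `count` loopback TCP connections; return the kernel-chosen source ports."""
    listener = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    listener.bind(("127.0.0.1", 0))          # any free port for the test listener
    listener.listen(count)
    ports = []
    try:
        for _ in range(count):
            client = socket.create_connection(listener.getsockname())
            server_side, _peer = listener.accept()
            ports.append(client.getsockname()[1])   # port picked by connect()
            client.close()
            server_side.close()
    finally:
        listener.close()
    return ports

def sequential_fraction(ports, max_step=1):
    """Fraction of consecutive samples where the port rose by 1..max_step.

    max_step=1 matches the 32797, 32798, 32799 pattern in the post; widen it
    if the kernel under test allocates with a different constant stride.
    """
    if len(ports) < 2:
        return 0.0
    steps = [b - a for a, b in zip(ports, ports[1:])]
    return sum(1 for s in steps if 1 <= s <= max_step) / len(steps)

def looks_sequential(ports, threshold=0.8, max_step=1):
    """True when most steps are small and positive, i.e. ports are predictable."""
    return sequential_fraction(ports, max_step) >= threshold

# Ports reported by $SSH_CLIENT in the first post.
OBSERVED = [32797, 32798, 32799]
# Constructed sample of what scattered allocation could look like.
SCATTERED = [41822, 33010, 58471, 36655, 49203]

if __name__ == "__main__":
    live = sample_source_ports()
    print("sampled ports:", live)
    print("sequential fraction:", sequential_fraction(live))
    print("predictable:", looks_sequential(live))
```

Run it once with rand_tcp_src_ports set to 0 and once set to 1; if the sequential fraction stays near 1.0 in both runs, the setting is not affecting connect().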