mirror of https://github.com/mkerrisk/man-pages
ip.7: Note some more details about assignment of ephemeral ports
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
This commit is contained in:
parent
509c1c26f0
commit
bd8838ad29
13
man7/ip.7
13
man7/ip.7
|
@ -1012,12 +1012,19 @@ was called on a socket that was not not previously bound;
|
||||||
is called on a datagram socket that was not not previously bound.
|
is called on a datagram socket that was not not previously bound.
|
||||||
.RE
|
.RE
|
||||||
.IP
|
.IP
|
||||||
Allocation starts with the first number and ends with the second number.
|
Allocation of ephemeral ports starts with the first number in
|
||||||
Note that these should not conflict with the ports used by masquerading
|
.IR ip_local_port_range
|
||||||
|
and ends with the second number.
|
||||||
|
If the range of ephemeral ports is exhausted,
|
||||||
|
then the relevant system call returns an error (but see BUGS)
|
||||||
|
.IP
|
||||||
|
Note that the port range in
|
||||||
|
.IR ip_local_port_range
|
||||||
|
should not conflict with the ports used by masquerading
|
||||||
(although the case is handled).
|
(although the case is handled).
|
||||||
Also, arbitrary choices may cause problems with some firewall packet
|
Also, arbitrary choices may cause problems with some firewall packet
|
||||||
filters that make assumptions about the local ports in use.
|
filters that make assumptions about the local ports in use.
|
||||||
First number should be at least greater than 1024,
|
The first number should be at least greater than 1024,
|
||||||
or better, greater than 4096, to avoid clashes
|
or better, greater than 4096, to avoid clashes
|
||||||
with well known ports and to minimize firewall problems.
|
with well known ports and to minimize firewall problems.
|
||||||
.\"
|
.\"
|
||||||
|
|
Loading…
Reference in New Issue