Fwd: [PATCH] enhance usability of /proc/sys/net/ipv4/ip_local_reserved_ports (v2)
Francis Dupont
fdupont at isc.org
Wed Mar 14 08:52:33 UTC 2012
> this patch just went by the list. perhaps we can use something similar.
=> this seems a clear abuse of the ip_local_reserved_ports feature
but has too nothing to do with SD: at the exception of the PCP/UPnP/...
tools a SD-CPE is a plain standard port-restricted-range NAT, i.e.,
it uses the port range feature of iptables SNAT:
--to-source [ipaddr[-ipaddr]][:port[-port]]
^^^^^^^^^^^^^^
(from man iptables, SNAT section, BTW kernels of this century are
limited to one range per protocol).
Regards
Francis Dupont <fdupont at isc.org>
More information about the sdcpe-devel
mailing list