Re: Binding Squid to reserved port (was: mac_portacl)
- From: "mal content" <artifact.one@xxxxxxxxxxxxxx>
- Date: Fri, 20 Oct 2006 17:38:59 +0100
On 20/10/06, Nikolay Pavlov <quetzal@xxxxxxxxxxxx> wrote:
On Friday, 20 October 2006 at 16:57:06 +0200, Fabian Keil wrote:
> Nikolay Pavlov <quetzal@xxxxxxxxxxxx> wrote:
>
> > I am trying to implement reverse proxy using squid with mac_portacl,
> > but i have problem while binding squid to port 80.
> > Am i missed something?
> >
> > Here is my mac_portacl variables:
> >
> > # sysctl security.mac.portacl.
> > security.mac.portacl.enabled: 1
> > security.mac.portacl.suser_exempt: 1
> > security.mac.portacl.autoport_exempt: 1
> > security.mac.portacl.port_high: 1023
> > security.mac.portacl.rules: uid:100:tcp:80
> >
The mac_portacl page in the handbook says that you need to disable normal
UNIX bind restrictions on ports. Have you tried this:
# sysctl net.inet.ip.portrange.reservedlow=0
# sysctl net.inet.ip.portrange.reservedhigh=0
MC
_______________________________________________
freebsd-security@xxxxxxxxxxx mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscribe@xxxxxxxxxxx"
- Follow-Ups:
- Re: Binding Squid to reserved port (was: mac_portacl)
- From: Nikolay Pavlov
- Re: Binding Squid to reserved port (was: mac_portacl)
- References:
- mac_portacl
- From: Nikolay Pavlov
- Re: Binding Squid to reserved port (was: mac_portacl)
- From: Fabian Keil
- Re: Binding Squid to reserved port (was: mac_portacl)
- From: Nikolay Pavlov
- mac_portacl
- Prev by Date: Re: Binding Squid to reserved port (was: mac_portacl)
- Next by Date: Re: Binding Squid to reserved port (was: mac_portacl)
- Previous by thread: Re: Binding Squid to reserved port (was: mac_portacl)
- Next by thread: Re: Binding Squid to reserved port (was: mac_portacl)
- Index(es):
Relevant Pages
|
|
