net: Fix a documentation bug wrt. ip_unprivileged_port_start
It cannot overlap with the local port range - ie. with autobind selectable
ports - and not with reserved ports.
Indeed 'ip_local_reserved_ports' isn't even a range, it's a (by default
empty) set.
Fixes: 4548b683b7
("Introduce a sysctl that modifies the value of PROT_SOCK.")
Signed-off-by: Maciej Żenczykowski <maze@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
This commit is contained in:
parent
fd567ac20c
commit
ac71676c49
@ -904,8 +904,9 @@ ip_local_port_range - 2 INTEGERS
|
||||
Defines the local port range that is used by TCP and UDP to
|
||||
choose the local port. The first number is the first, the
|
||||
second the last local port number.
|
||||
If possible, it is better these numbers have different parity.
|
||||
(one even and one odd values)
|
||||
If possible, it is better these numbers have different parity
|
||||
(one even and one odd value).
|
||||
Must be greater than or equal to ip_unprivileged_port_start.
|
||||
The default values are 32768 and 60999 respectively.
|
||||
|
||||
ip_local_reserved_ports - list of comma separated ranges
|
||||
@ -943,8 +944,8 @@ ip_unprivileged_port_start - INTEGER
|
||||
This is a per-namespace sysctl. It defines the first
|
||||
unprivileged port in the network namespace. Privileged ports
|
||||
require root or CAP_NET_BIND_SERVICE in order to bind to them.
|
||||
To disable all privileged ports, set this to 0. It may not
|
||||
overlap with the ip_local_reserved_ports range.
|
||||
To disable all privileged ports, set this to 0. They must not
|
||||
overlap with the ip_local_port_range.
|
||||
|
||||
Default: 1024
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user