On Sun, Dec 16, 2018 at 05:09:06PM -0500, Ted Unangst wrote:
> Claudio Jeker wrote:
> > On Fri, Dec 14, 2018 at 01:26:25PM -0500, Ted Unangst wrote:
> > > Philip Guenther wrote:
> > > > And, perhaps more directly, how would I block this in pf.conf?
> > > > >
> > > >
> > > > Excellent choice, blocking dhclient from receiving the leases that it
> > > > requests.
> > > > "What problem are you trying to solve?"
> > >
> > > Well, this may be something of a lost cause, but I would prefer that
> > > chrome
> > > not listen for stuff I don't understand. It listens on port 5353 as well,
> > > for
> > > mDNS, and I can block that easily enough. It's the socket without a port
> > > that's giving me trouble.
> >
> > But a socket without a port is not listening on anything. It will not get
> > any packets. It does not need to be filtered. This is how UDP works, it is
> > a connectionless protocol.
>
> ok, thank you, I was confused because they show up in netstat -ln too. I guess
> that's just historic how it is behavior.

I guess we should change that. Problem is that UDP does not support
listen(2) and so there is no listening state. Should netstat exclude all
of UDP when using -l or what should it show? Only sockets that are bound
but not connected (local port != 0 but remote addr/port = 0)?

--
:wq Claudio
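The rule proposed in the message above, applied to a live socket, as an added example that is not part of the original thread or of OpenBSD's netstat. The names `udp_row`, `udp_row_listening`, `udp_row_from_fd` and `udp_bind_any` are hypothetical; the program shows that a fresh UDP socket reports local port 0 and is excluded, and that the same socket is included once it is bound.

```c
#include <arpa/inet.h>
#include <netinet/in.h>
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>
#include <unistd.h>

/* Hypothetical row type: the fields netstat prints for one UDP socket. */
struct udp_row { in_port_t lport; in_addr_t faddr; in_port_t fport; };

/* Rule from the message: local port != 0 and remote addr/port = 0. */
int udp_row_listening(const struct udp_row *r)
{
    return r->lport != 0 && r->faddr == 0 && r->fport == 0;
}

/* Fill a row from a live socket; returns 0 on success, -1 on error. */
int udp_row_from_fd(int fd, struct udp_row *r)
{
    struct sockaddr_in sin;
    socklen_t llen = sizeof(sin), rlen = sizeof(sin);
    memset(r, 0, sizeof(*r));
    if (getsockname(fd, (struct sockaddr *)&sin, &llen) == -1) return -1;
    r->lport = sin.sin_port;
    /* getpeername(2) succeeds only once connect(2) has set a remote end. */
    if (getpeername(fd, (struct sockaddr *)&sin, &rlen) == 0) {
        r->faddr = sin.sin_addr.s_addr;
        r->fport = sin.sin_port;
    }
    return 0;
}

/* Bind to the wildcard address and let the kernel choose the port. */
int udp_bind_any(int fd)
{
    struct sockaddr_in sin = { 0 };   /* INADDR_ANY and port 0 are all-zero */
    sin.sin_family = AF_INET;
    return bind(fd, (struct sockaddr *)&sin, sizeof(sin));
}

int main(void)
{
    struct udp_row r;
    int fd = socket(AF_INET, SOCK_DGRAM, 0);
    if (fd == -1 || udp_row_from_fd(fd, &r) == -1) return 1;
    printf("unbound: shown=%d\n", udp_row_listening(&r));
    if (udp_bind_any(fd) == -1 || udp_row_from_fd(fd, &r) == -1) return 1;
    printf("bound to %u: shown=%d\n", (unsigned)ntohs(r.lport), udp_row_listening(&r));
    return close(fd);
}
```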

