Sebastian Benoit([email protected]) on 2018.12.17 17:59:49 +0100:
> Claudio Jeker([email protected]) on 2018.12.17 08:25:07 +0100:
> > On Sun, Dec 16, 2018 at 05:09:06PM -0500, Ted Unangst wrote:
> > > Claudio Jeker wrote:
> > > > On Fri, Dec 14, 2018 at 01:26:25PM -0500, Ted Unangst wrote:
> > > > > Philip Guenther wrote:
> > > > > > > And, perhaps more directly, how would I block this in pf.conf?
> > > > > >
> > > > > > Excellent choice, blocking dhclient from receiving the leases that it
> > > > > > requests.
> > > > > > "What problem are you trying to solve?"
> > > > >
> > > > > Well, this may be something of a lost cause, but I would prefer that
> > > > > chrome not listen for stuff I don't understand. It listens on port 5353
> > > > > as well, for mDNS, and I can block that easily enough. It's the socket
> > > > > without a port that's giving me trouble.
> > > >
> > > > But a socket without a port is not listening on anything. It will not
> > > > get any packets. It does not need to be filtered. This is how UDP works,
> > > > it is a connectionless protocol.
> > >
> > > ok, thank you, I was confused because they show up in netstat -ln too. I
> > > guess that's just historic behavior.
>
> nothing historic about it, i added -l last year.
>
> but i wanted to keep it simple, i thought that its obvious what "listening"
> sockets mean in this context (i.e. that it only really is a concept in TCP).
>
> > I guess we should change that. Problem is that UDP does not support
> > listen(2) and so there is no listening state. Should netstat exclude all
> > of UDP when using -l
>
> here is a diff for that
>
> > or what should it show? Only sockets that are bound
> > but not connected (local port != 0 but remote addr/port = 0)?
>
> see my other mail for that diff.
here. Ok for one or the other?
(netstat_l_udp_only_otherside_zero.diff)
diff --git usr.bin/netstat/inet.c usr.bin/netstat/inet.c
index e8e2a4dcd4f..d378bfe6280 100644
--- usr.bin/netstat/inet.c
+++ usr.bin/netstat/inet.c
@@ -225,6 +225,7 @@ netdomainpr(struct kinfo_file *kf, int proto)
int addrlen = 22;
int isany = 0;
int istcp = 0;
+ int isudp = 0;
int isip6 = 0;
/* XXX should fix kinfo_file instead but not now */
@@ -282,6 +283,7 @@ netdomainpr(struct kinfo_file *kf, int proto)
case IPPROTO_UDP:
name = "udp";
name6 = "udp6";
+ isudp = 1;
break;
case IPPROTO_DIVERT:
name = "divert";
@@ -303,6 +305,9 @@ netdomainpr(struct kinfo_file *kf, int proto)
if (!aflag && lflag && istcp &&
kf->t_state != TCPS_LISTEN)
return;
+ if (!aflag && lflag && isudp &&
+ (kf->inp_lport == 0 || kf->inp_fport != 0))
+ return;
if (af != kf->so_family || type != kf->so_type) {
af = kf->so_family;
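Review bot: the new UDP test on the three added lines has exactly the shape of the TCP test directly above it, so the two could be folded into one early return, e.g. `if (!aflag && lflag && ((istcp && kf->t_state != TCPS_LISTEN) || (isudp && (kf->inp_lport == 0 || kf->inp_fport != 0)))) return;`, which keeps the "what -l hides" logic in one place. The rule itself (keep a UDP socket only when it has a local port and no foreign port) is the bound-but-not-connected definition proposed in the thread, and since UDP has no LISTEN state that definition is not self-evident from the option name: netstat(1)'s description of -l should be updated in the same commit to say what "listening" means for UDP, and that a socket that was never bound is dropped because it cannot receive anything.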
@@ -310,7 +315,7 @@ netdomainpr(struct kinfo_file *kf, int proto)
printf("Active Internet connections");
if (aflag)
printf(" (including servers)");
- else if (lflag)
+ else if (lflag && (istcp||isudp))
printf(" (only servers)");
putchar('\n');
if (Aflag) {
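Review bot: `istcp||isudp` on the changed line needs spaces around the operator (`istcp || isudp`) to match the surrounding style. Behaviourally the change is consistent with the filtering above: this header is printed once per address-family/socket-type group, so TCP and UDP groups get "(only servers)" while groups of other protocols, which -l does not filter, no longer claim to show only servers. A short comment saying that the tag tracks the protocols the -l filter actually applies to would save the next reader from wondering why the header depends on the first socket of the group.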
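The thread's point, that a UDP socket which has never been bound has no local port and cannot receive anything, and that "listening" for UDP can only mean bound-but-not-connected, is easy to see on a live socket. The following is an added example written for this note, not code from the thread or from netstat: it walks one loopback UDP socket through the three states (created, bound, connected), records the ports getsockname(2)/getpeername(2) report at each step, and applies the diff's keep rule (local port set, foreign port zero) to each state. The peer address 127.0.0.1:9 is constructed and nothing is ever sent to it; the predicate reimplements the diff's condition on host-order port numbers.

```c
#include <arpa/inet.h>
#include <netinet/in.h>
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>
#include <unistd.h>

/*
 * Keep rule from the proposed diff for "netstat -l" without -a, restated on
 * host-order ports: a UDP socket is shown only if it has a local port and no
 * foreign port, i.e. it is bound but not connected. Never-bound sockets
 * (lport 0) and connected sockets (fport != 0) are hidden.
 */
int udp_shown_by_l(unsigned short lport, unsigned short fport)
{
	return lport != 0 && fport == 0;
}

/* Ports observed on one UDP socket as it moves through its states. */
struct udp_probe {
	unsigned short lport_unbound;	/* after socket(2): no local port yet */
	unsigned short lport_bound;	/* after bind(2) to port 0: kernel-chosen */
	unsigned short fport_connected;	/* after connect(2): the peer's port */
};

static unsigned short local_port(int fd)
{
	struct sockaddr_in sin;
	socklen_t len = sizeof(sin);

	memset(&sin, 0, sizeof(sin));
	if (getsockname(fd, (struct sockaddr *)&sin, &len) == -1)
		return 0;
	return ntohs(sin.sin_port);
}

static unsigned short peer_port(int fd)
{
	struct sockaddr_in sin;
	socklen_t len = sizeof(sin);

	memset(&sin, 0, sizeof(sin));
	/* ENOTCONN on an unconnected socket: report no foreign port. */
	if (getpeername(fd, (struct sockaddr *)&sin, &len) == -1)
		return 0;
	return ntohs(sin.sin_port);
}

/*
 * Returns 0 and fills *p on success, -1 if any socket call fails (e.g. a
 * sandbox without networking). No datagram is transmitted: connect(2) on UDP
 * only fixes the peer address, so the constructed peer 127.0.0.1:9 (discard)
 * never has to exist.
 */
int probe_udp_states(struct udp_probe *p)
{
	struct sockaddr_in sin;
	int fd;

	memset(p, 0, sizeof(*p));
	if ((fd = socket(AF_INET, SOCK_DGRAM, 0)) == -1)
		return -1;

	/* State 1: created, never bound: the "socket without a port". */
	p->lport_unbound = local_port(fd);

	/* State 2: bound; the kernel picks a port and datagrams can arrive. */
	memset(&sin, 0, sizeof(sin));
	sin.sin_family = AF_INET;
	sin.sin_addr.s_addr = htonl(INADDR_LOOPBACK);
	sin.sin_port = 0;
	if (bind(fd, (struct sockaddr *)&sin, sizeof(sin)) == -1) {
		close(fd);
		return -1;
	}
	p->lport_bound = local_port(fd);

	/* State 3: connected; only datagrams from that peer are delivered. */
	sin.sin_port = htons(9);
	if (connect(fd, (struct sockaddr *)&sin, sizeof(sin)) == -1) {
		close(fd);
		return -1;
	}
	p->fport_connected = peer_port(fd);

	close(fd);
	return 0;
}

int main(void)
{
	struct udp_probe p;

	if (probe_udp_states(&p) == -1) {
		perror("probe_udp_states");
		return 1;
	}
	printf("%-10s %6s %6s  shown by -l\n", "state", "lport", "fport");
	printf("%-10s %6u %6u  %s\n", "unbound", p.lport_unbound, 0,
	    udp_shown_by_l(p.lport_unbound, 0) ? "yes" : "no");
	printf("%-10s %6u %6u  %s\n", "bound", p.lport_bound, 0,
	    udp_shown_by_l(p.lport_bound, 0) ? "yes" : "no");
	printf("%-10s %6u %6u  %s\n", "connected", p.lport_bound,
	    p.fport_connected,
	    udp_shown_by_l(p.lport_bound, p.fport_connected) ? "yes" : "no");
	return 0;
}
```

Only the middle row is reported as "shown by -l": the unbound socket that worried the original poster has lport 0 and is hidden, and the connected socket is hidden because it has a fixed peer. Run it as a normal user; binding to port 0 on loopback needs no privileges.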