On Mon, Dec 17, 2018 at 06:05:00PM +0100, Sebastian Benoit wrote:
> Sebastian Benoit([email protected]) on 2018.12.17 17:59:49 +0100:
> > Claudio Jeker([email protected]) on 2018.12.17 08:25:07 +0100:
> > > On Sun, Dec 16, 2018 at 05:09:06PM -0500, Ted Unangst wrote:
> > > > Claudio Jeker wrote:
> > > > > On Fri, Dec 14, 2018 at 01:26:25PM -0500, Ted Unangst wrote:
> > > > > > Philip Guenther wrote:
> > > > > > > And, perhaps more directly, how would I block this in pf.conf?
> > > > > > > >
> > > > > > >
> > > > > > > Excellent choice, blocking dhclient from receiving the leases
> > > > > > > that it requests.
> > > > > > > "What problem are you trying to solve?"
> > > > > > > "What problem are you trying to solve?"
> > > > > >
> > > > > > Well, this may be something of a lost cause, but I would prefer
> > > > > > that chrome not listen for stuff I don't understand. It listens on
> > > > > > port 5353 as well, for mDNS, and I can block that easily enough.
> > > > > > It's the socket without a port that's giving me trouble.
> > > > >
> > > > > But a socket without a port is not listening on anything. It will not
> > > > > get any packets. It does not need to be filtered. This is how UDP
> > > > > works, it is a connectionless protocol.
> > > >
> > > > OK, thank you, I was confused because they show up in netstat -ln too.
> > > > I guess that's just how it is, historic behavior.
> >
> > Nothing historic about it, I added -l last year.
> >
> > But I wanted to keep it simple; I thought that it's obvious what "listening"
> > sockets mean in this context (i.e. that it only really is a concept in TCP).
> >
> > > I guess we should change that. Problem is that UDP does not support
> > > listen(2) and so there is no listening state. Should netstat exclude all
> > > of UDP when using -l
> >
> > here is a diff for that
> >
> > > or what should it show? Only sockets that are bound
> > > but not connected (local port != 0 but remote addr/port = 0)?
> >
> > see my other mail for that diff.
>
> here. Ok for one or the other?
>
> (netstat_l_udp_only_otherside_zero.diff)
>
> diff --git usr.bin/netstat/inet.c usr.bin/netstat/inet.c
> index e8e2a4dcd4f..d378bfe6280 100644
> --- usr.bin/netstat/inet.c
> +++ usr.bin/netstat/inet.c
> @@ -225,6 +225,7 @@ netdomainpr(struct kinfo_file *kf, int proto)
> int addrlen = 22;
> int isany = 0;
> int istcp = 0;
> + int isudp = 0;
> int isip6 = 0;
>
> /* XXX should fix kinfo_file instead but not now */
> @@ -282,6 +283,7 @@ netdomainpr(struct kinfo_file *kf, int proto)
> case IPPROTO_UDP:
> name = "udp";
> name6 = "udp6";
> + isudp = 1;
> break;
> case IPPROTO_DIVERT:
> name = "divert";
> @@ -303,6 +305,9 @@ netdomainpr(struct kinfo_file *kf, int proto)
> if (!aflag && lflag && istcp &&
> kf->t_state != TCPS_LISTEN)
> return;
> + if (!aflag && lflag && isudp &&
> + (kf->inp_lport == 0 || kf->inp_fport != 0))
> + return;
>
> if (af != kf->so_family || type != kf->so_type) {
> af = kf->so_family;
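Review bot: the UDP branch encodes "bound but not connected" as inp_lport != 0 and inp_fport == 0 without saying so, and nothing in the diff touches netstat.1, so the -l description keeps documenting only the TCP meaning. A one-line comment above the new check ("UDP has no listen state; show only bound, unconnected sockets") would spare the next reader from reverse-engineering `(kf->inp_lport == 0 || kf->inp_fport != 0)`, and the man page should state that for UDP -l lists bound sockets with no peer. Note also that the foreign address is never consulted; if a zero foreign port is meant to stand in for "not connected", that assumption belongs in the comment as well.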
> @@ -310,7 +315,7 @@ netdomainpr(struct kinfo_file *kf, int proto)
> printf("Active Internet connections");
> if (aflag)
> printf(" (including servers)");
> - else if (lflag)
> + else if (lflag && (istcp||isudp))
Needs some spaces ^^ here
> printf(" (only servers)");
> putchar('\n');
> if (Aflag) {
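Review bot: besides the spacing around `||` already pointed out, the header text now depends on the protocol of whichever socket happens to trigger the "Active Internet connections" line rather than on lflag alone. That is consistent with the filter above, which only suppresses TCP and UDP entries, so a raw-socket group printed under -l really does contain everything and should not say "(only servers)"; a short comment next to `else if (lflag && (istcp||isudp))` saying that the tag tracks the filter would make the coupling between the two hunks explicit.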
>
Apart from that OK claudio@
--
:wq Claudio
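The three UDP socket states discussed in the thread, as an added example that is not part of the mail or of the netstat diff: an unbound socket (the "socket without a port" from the chrome case) has local port 0 and cannot be addressed at all, a bound but unconnected socket receives datagrams from any sender, and a connected socket only gets datagrams from its peer. `shown_by_netstat_l()` mirrors the condition in the proposed inet.c hunk (`inp_lport == 0 || inp_fport != 0` means "hide"); the rest drives real loopback sockets to show why that is the right cut. Function names are mine, and it assumes a host where loopback UDP is available.

```python
import socket

LOOPBACK = "127.0.0.1"   # assumption: loopback UDP works where this runs


def shown_by_netstat_l(lport, fport):
    """Mirror of the proposed netstat -l filter for UDP entries.

    The diff suppresses an entry when inp_lport == 0 || inp_fport != 0,
    i.e. keeps only sockets that are bound (lport != 0) and not connected
    (fport == 0). UDP has no listen(2) state, so this is the closest analogue.
    """
    return lport != 0 and fport == 0


def udp_state(sock):
    """Classify a UDP socket from what the kernel reports about it."""
    lport = sock.getsockname()[1]
    try:
        fport = sock.getpeername()[1]
    except OSError:          # ENOTCONN: no foreign endpoint recorded
        fport = 0
    if lport == 0:
        return "unbound"     # no local port: nothing can address this socket
    return "bound" if fport == 0 else "connected"


def socket_states():
    """Create the three kinds of UDP socket and report how each classifies."""
    unbound = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    bound = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    connected = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    try:
        bound.bind((LOOPBACK, 0))                 # kernel picks a free port
        connected.connect(bound.getsockname())    # implicit bind plus a fixed peer
        return (udp_state(unbound), udp_state(bound), udp_state(connected))
    finally:
        for s in (unbound, bound, connected):
            s.close()


def delivery_demo():
    """Show who can actually reach a bound versus a connected UDP socket."""
    server = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    peer = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    stranger = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    results = {}
    try:
        for s in (server, peer, stranger):
            s.bind((LOOPBACK, 0))
            s.settimeout(0.5)                     # never hang on a missing datagram
        target = server.getsockname()

        # Bound, not connected: the case -l keeps showing. Any sender gets through.
        peer.sendto(b"peer", target)
        stranger.sendto(b"stranger", target)
        results["bound_receives"] = sorted(server.recvfrom(64)[0] for _ in range(2))

        # Connected: hidden by -l. The kernel only delivers datagrams from the peer
        # the socket is connected to; the stranger's datagram is dropped.
        server.connect(peer.getsockname())
        stranger.sendto(b"stranger", target)
        peer.sendto(b"peer", target)
        results["connected_receives"] = server.recv(64)
        try:
            server.recv(64)
            results["stranger_dropped"] = False
        except socket.timeout:
            results["stranger_dropped"] = True
    finally:
        for s in (server, peer, stranger):
            s.close()
    return results


if __name__ == "__main__":
    print("states:", socket_states())
    print("delivery:", delivery_demo())
```

The unbound socket never shows up in `delivery_demo()` because there is nothing to send to, which is the point Claudio makes above: a UDP socket with local port 0 needs no pf rule. The connected case is the other half of the filter, since a socket that already has a peer is not waiting for arbitrary clients and so is not a "server" in any useful sense.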