diff options
| author |   deraadt <deraadt@openbsd.org> | 2019-11-13 17:36:02 +0000 |
|---|---|---|
| committer | deraadt <deraadt@openbsd.org> | 2019-11-13 17:36:02 +0000 |
| commit | 492c1b75909c97e2d4a049c87ee1d2ab768f5624 (patch) | |
| tree | adf61727af97a20b0cbe5a3dbe7ee4ed3a2ba662 | |
| parent | reflect reality (diff) | |
| download | wireguard-openbsd-492c1b75909c97e2d4a049c87ee1d2ab768f5624.tar.xz wireguard-openbsd-492c1b75909c97e2d4a049c87ee1d2ab768f5624.zip | |
Add DoT 853 to DEFBADDYNAMICPORTS_TCP. This port will be increasingly
unfiltered in the future, so this prevents rresvport_af(3) from randomly
exposing a service intended for local visibility only.
ok florian
| -rw-r--r-- | sys/netinet/in_pcb.h | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/sys/netinet/in_pcb.h b/sys/netinet/in_pcb.h index 8e46bab2969..7a27b3f45e9 100644 --- a/sys/netinet/in_pcb.h +++ b/sys/netinet/in_pcb.h @@ -1,4 +1,4 @@ -/* $OpenBSD: in_pcb.h,v 1.117 2019/10/17 00:51:28 dlg Exp $ */ +/* $OpenBSD: in_pcb.h,v 1.118 2019/11/13 17:36:02 deraadt Exp $ */ /* $NetBSD: in_pcb.h,v 1.14 1996/02/13 23:42:00 christos Exp $ */ /* @@ -228,7 +228,7 @@ struct inpcbtable { /* default values for baddynamicports [see ip_init()] */ #define DEFBADDYNAMICPORTS_TCP { \ - 587, 749, 750, 751, 871, 2049, \ + 587, 749, 750, 751, 853, 871, 2049, \ 6000, 6001, 6002, 6003, 6004, 6005, 6006, 6007, 6008, 6009, 6010, \ 0 } #define DEFBADDYNAMICPORTS_UDP { 623, 664, 749, 750, 751, 2049, \ |