Re: Bug#638322: nfs-common: rpc.statd binds to udp port 631 preventing cups startup
On Sat, 20 Aug 2011, Andreas Barth wrote:
> * Henrique de Moraes Holschuh (firstname.lastname@example.org) [110820 14:39]:
> > Yes. And we can easily maintain a current one for Debian-packaged software,
> > although the initial build of such a blacklist will take some work.
> Actually, the existing interface net.ipv4.ip_local_port_range seems to
> work quite well. And there are so many ports that for most servers it
No, it doesn't. And we have at least one extremely important protocol that
needs as many ports as we can give it (DNS).
A blacklist is the way to go, and we already have it. We just need to fill
it, make it easier to extend (.d directory), tell people about it, and teach
stuff other than SunRPC to use it when necessary.
"One disk to rule them all, One disk to find them. One disk to bring
them all and in the darkness grind them. In the Land of Redmond
where the shadows lie." -- The Silicon Valley Tarot