Re: Default DENY with ipchains
"Srebrenko Sehic" <haver@aub.dk> writes:
> Hello
>
> Is is possible to prevent ordinary users from opening unprivliged ports
> (>1024 tcp/udp)? If yes, how?
>
> I've tried virtually every possible way to do this, but with no luck.
As far as I know you can't do it with firewall rules.
However you could _try_ just changing PROT_SOCK in
linux/include/net/sock.h from 1024 to 65535.
If that breaks you get to keep both pieces etc.
--
James Antill -- james@and.org
"If we can't keep this sort of thing out of the kernel, we might as well
pack it up and go run Solaris." -- Larry McVoy.
Reply to: