Re: Default DENY with ipchains
"Srebrenko Sehic" <email@example.com> writes:
> Is is possible to prevent ordinary users from opening unprivliged ports
> (>1024 tcp/udp)? If yes, how?
> I've tried virtually every possible way to do this, but with no luck.
As far as I know you can't do it with firewall rules.
However you could _try_ just changing PROT_SOCK in
linux/include/net/sock.h from 1024 to 65535.
If that breaks you get to keep both pieces etc.
James Antill -- firstname.lastname@example.org
"If we can't keep this sort of thing out of the kernel, we might as well
pack it up and go run Solaris." -- Larry McVoy.