Bug 259340 - ftp/netdumpd: ability to restrict response port range to enable corporate firewall use
Summary: ftp/netdumpd: ability to restrict response port range to enable corporate fir...
Status: Open
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s) (show other bugs)
Version: Latest
Hardware: Any Any
: --- Affects Only Me
Assignee: Mark Johnston
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2021-10-21 13:22 UTC by Dave Cottlehuber
Modified: 2022-06-17 15:14 UTC (History)
0 users

See Also:
bugzilla: maintainer-feedback? (markj)


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Dave Cottlehuber freebsd_committer freebsd_triage 2021-10-21 13:22:35 UTC
netdumpd receives HERALD requests on 20023 by default, and returns a random port to accept the response from the remote client.

To help working in cloud & bigcorp environments, it would be useful to allow a one-off invocation of netdumpd on a fixed response port, or restrict the port range that netdumpd will support accepting responses on.
Comment 1 Mark Johnston freebsd_committer freebsd_triage 2022-06-17 15:14:07 UTC
The way it works now is,

- client sends a message to netdumpd on port 20023
- server replies using an ephemeral port, sends messages to the client on port 20024

I think what you want is a one-shot mode for netdumpd, where it only uses ports r20023/20024?  One limitation is that one wouldn't be able to use this on a system that's running a persistent instance of netdumpd.  Maybe that's acceptable though.

Even nicer would be if the server could initiate a netdump...