kernel/5139: add udp:623 (asf-rmcp) to baddynamic

Stuart Henderson-3
>Number:         5139
>Category:       kernel
>Synopsis:       Port 623 can be swallowed by ASF/IPMI nics, patch adds to baddynamic
>Confidential:   yes
>Severity:       serious
>Priority:       medium
>Responsible:    bugs
>State:          open
>Quarter:        
>Keywords:      
>Date-Required:
>Class:          change-request
>Submitter-Id:   net
>Arrival-Date:   Tue May 30 16:00:01 GMT 2006
>Closed-Date:
>Last-Modified:
>Originator:     Stuart Henderson
>Release:        current
>Organization:
net
>Environment:
       
        System      : OpenBSD 3.9
        Architecture: any
        Machine     : any
>Description:
       
Some NICs hijack packets sent to udp 623 for ASF/IPMI remote
management. To avoid occasional hard-to-diagnose clashes with
services using dynamic ports, the attached diff lists it in
/etc/services for identification, and adds to baddynamic.

>How-To-Repeat:
       
>Fix:
       

Index: sys/netinet/in_pcb.h
===================================================================
RCS file: /data/cvsroot/OpenBSD/src/sys/netinet/in_pcb.h,v
retrieving revision 1.52
diff -u -r1.52 in_pcb.h
--- sys/netinet/in_pcb.h 10 Dec 2005 01:30:14 -0000 1.52
+++ sys/netinet/in_pcb.h 30 May 2006 15:33:52 -0000
@@ -221,7 +221,7 @@
 
 /* default values for baddynamicports [see ip_init()] */
 #define DEFBADDYNAMICPORTS_TCP { 587, 749, 750, 751, 760, 761, 871, 0 }
-#define DEFBADDYNAMICPORTS_UDP { 750, 751, 0 }
+#define DEFBADDYNAMICPORTS_UDP { 623, 750, 751, 0 }
 
 struct baddynamicports {
  u_int32_t tcp[DP_MAPSIZE];
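Review bot: the 623 added to DEFBADDYNAMICPORTS_UDP carries no explanation in the source, and the reason for it (NICs intercepting udp 623 for ASF/IPMI) exists only in the PR description; a short comment next to the define would keep that rationale with the code. DEFBADDYNAMICPORTS_TCP is left unchanged even though the etc/services part of this diff also registers 623/tcp; if the interception is UDP-only, as the description states, say so in the commit message so the asymmetry reads as deliberate.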
Index: etc/services
===================================================================
RCS file: /data/cvsroot/OpenBSD/src/etc/services,v
retrieving revision 1.63
diff -u -r1.63 services
--- etc/services 20 Nov 2005 19:15:11 -0000 1.63
+++ etc/services 30 May 2006 15:32:36 -0000
@@ -145,6 +145,8 @@
 rtsp 554/tcp # Real Time Stream Control Proto
 rtsp 554/udp # Real Time Stream Control Proto
 submission 587/tcp msa # mail message submission
+asf-rmcp 623/tcp # ASF Remote Management and Control Protocol
+asf-rmcp 623/udp # ASF Remote Management and Control Protocol
 ipp 631/tcp # Internet Printing Protocol
 ipp 631/udp # Internet Printing Protocol
 ldaps 636/tcp # LDAP over SSL
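Review bot: the asf-rmcp 623/tcp line adds a TCP entry although the description and the baddynamic change concern only udp 623; confirm the tcp entry is wanted purely for identification. The comment on the 623/udp line could also note that some NICs intercept this port, since that is the reason the entry is being listed.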


>Release-Note:
>Audit-Trail:
>Unformatted: