You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@spamassassin.apache.org by bu...@bugzilla.spamassassin.org on 2009/10/11 12:45:36 UTC

[Bug 5264] Specification of DNS-query source port range

https://issues.apache.org/SpamAssassin/show_bug.cgi?id=5264

Simon Arlott <sp...@arlott.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |spamassassin.bugzilla.apach
                   |                            |e.simon@arlott.org

--- Comment #4 from Simon Arlott <sp...@arlott.org> 2009-10-11 03:45:34 UTC ---
(In reply to comment #0)
> The file DnsResolver.pm contains code (sub conenct sock) which selects a random
> unprivileged (1024-65535) source port for DNS-queries.
> 
> I propose two enhancements:
> 
> 1) Source port range should be a config file option
> 2) Evaluate /proc/sys/net/ipv4/ip_local_ports if no range is specified in config
> file
> 
> This should avoid problems with local firewalls/port filter which allows
> outbound traffic only from local_ports, but not from all unprivileged ports.

The patch to Bug 6221 should fix this for you as it'll cause the
ip_local_port_range to be used.

-- 
Configure bugmail: https://issues.apache.org/SpamAssassin/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.