Wireshark-dev: Re: [Wireshark-dev] About transport name resolution with the new services file
--- Andrew Hood <ajhood@xxxxxxxxx> wrote:
> Francois-Xavier Le Bail wrote:
> > --- Andrew Hood <ajhood@xxxxxxxxx> wrote:
> >>If it wasn't for Windows' broken behaviour in letting any port be
> >>ephemeral, that might make some sense.
> >>
> >>I have been forced to set registry values to make Windows behave more
> >>like *nix. Reserve all ports below 32768. Make ephemerals be 32768-49151.
> >>
> >>Windows Registry Editor Version 5.00
> >>
> >>[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters]
> >>"ReservedPorts"=hex(7):31,00,2d,00,33,00,32,00,37,00,36,00,37,00,00,00,00,00
> >>"MaxUserPort"=dword:0000bfff
> >>
> >>Even that doesn't protect all "REGISTERED PORT NUMBERS". That would
> >>require setting "ReservedPorts" to be 1-49151, and "MaxUserPort" to
> >>something like 57344 (8192 available ephemerals) or 61440 (12288
> >>available ephemerals).
> >
> > Windows' broken behaviour? It's the same with Linux 2.4.27, 2.6.16, ...
>
> I have several Linux, AIX, Solaris and HP-UX versions.
>
> None of them by default allow ephemeral ports below 16384, and most of
> them do not allow ephemerals below 32768.

It's not always the case in Linux.
In the file linux-2.6.22.3/Documentation/networking/ip-sysctl.txt we read:
-----
ip_local_port_range - 2 INTEGERS
    Defines the local port range that is used by TCP and UDP to
    choose the local port. The first number is the first, the
    second the last local port number. Default value depends on
    amount of memory available on the system:
        > 128Mb 32768-61000
        < 128Mb 1024-4999 or even less.
-----
In any case, Wireshark must work with real systems not only ideal systems.
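
The following Python is an added example, not part of the original message and not Wireshark code. It decodes the .reg values quoted above and computes which ports the stack can still hand out as ephemeral, which is where a services-file name on a client port can mislead. The function names and the default lower bound of 1025 are assumptions, not taken from the thread.

```python
import re

# Constructed input: the .reg fragment quoted in the message above.
REG_TEXT = r'''
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters]
"ReservedPorts"=hex(7):31,00,2d,00,33,00,32,00,37,00,36,00,37,00,00,00,00,00
"MaxUserPort"=dword:0000bfff
'''

def parse_reg_values(text):
    """Return {name: value} for the hex(7) and dword values in a .reg fragment."""
    values = {}
    pattern = r'^"([^"]+)"=(hex\(7\)|dword):(\S+)$'
    for name, kind, data in re.findall(pattern, text, re.M):
        if kind == "dword":
            values[name] = int(data, 16)
        else:
            # hex(7) is REG_MULTI_SZ: UTF-16LE strings, each NUL-terminated,
            # with one more NUL closing the list.
            raw = bytes(int(b, 16) for b in data.split(","))
            values[name] = [s for s in raw.decode("utf-16-le").split("\x00") if s]
    return values

def ephemeral_ranges(reserved, max_user_port, first_user_port=1025):
    """Remove reserved "lo-hi" ranges from first_user_port..max_user_port.

    first_user_port=1025 is an assumption; the message does not state it.
    """
    free = [(first_user_port, max_user_port)]
    for item in reserved:
        lo, hi = (int(x) for x in item.split("-"))
        remaining = []
        for a, b in free:
            if hi < a or lo > b:          # no overlap, keep as is
                remaining.append((a, b))
                continue
            if a < lo:                    # part below the reserved range
                remaining.append((a, lo - 1))
            if hi < b:                    # part above the reserved range
                remaining.append((hi + 1, b))
        free = remaining
    return free

def may_be_ephemeral(port, ranges):
    """True if a client socket could be assigned this port."""
    return any(a <= port <= b for a, b in ranges)

if __name__ == "__main__":
    cfg = parse_reg_values(REG_TEXT)
    print(cfg, ephemeral_ranges(cfg["ReservedPorts"], cfg["MaxUserPort"]))
```

With the low-memory Linux range from the kernel documentation excerpt (1024-4999) and nothing reserved, a registered port such as 3306 falls inside the ephemeral range, so a name resolved for it may describe a client socket rather than a service.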