[Date Prev] [Date Index] [Date Next] [Thread Prev] [Thread Index] [Thread Next]

Re: packet filtering vs. conserver

Bryan Stansell bryan@conserver.com
Thu, 20 Aug 2009 04:22:00 GMT

secondaryport is what you want.  Something like:

config * {
    secondaryport 9900;

tells conserver to start allocating from port 9900 for it's secondary
ports.  'conserver -V' will show you both the primary port and secondary
port range.  If you do something like:

config * {
    primaryport 782;
    secondaryport 783;

It would make the main port 782, and then start allocating from 783 for
the rest...up to the number of conserver processes forked off.

Or you could do:

config * {
    primaryport conserver;
    secondaryport conserver-child;

and put whatever values into /etc/services for those names.

The configure option --with-port sets primaryport and --with-base sets
secondaryport, to have them compiled in instead.


On Wed, Aug 19, 2009 at 04:23:01PM +0200, Andras.Horvath@cern.ch wrote:
> Hi,
> Is there a way to make conserver listen on a limited number of ports
> only (instead of opening random ports)? 
> The manual page talks about the 'secondaryport' option but this seems to
> do nothing at all, and I'm not at all sure that it's the option I need
> anyway.
> The reason I'm asking is that I have to devise a set of iptables (packet
> filter) rules to let users in, as a policy.
> thanks
> Andras
> _______________________________________________
> users mailing list
> users@conserver.com
> https://www.conserver.com/mailman/listinfo/users