[H-GEN] iptables autoblocking

Michael Anthon mrchook at gmail.com
Fri Jul 22 01:25:15 EDT 2005


> Anyway, that aside, a normal user *can* do port redirects but they
> cannot redirect privileged ports (i.e. ports <= 1024).  IRC generally

Just to clarify this a little since I think it's a bit confusing.  The
restriction is actually that only root may set up LISTENING ports in
the privileged space.  So, for example, if you wanted to redirect a
LOCAL port, say 666 to a remote port 666 at the other end then you
only need root access on the local end.  If you are redirecting a
REMOTE privileged port to a local listening port then the root access
is required at the remote end and you must then log in as root.

As Josh mentioned, what you are doing falls into the former category
so you only need local root access (if you were using a privileged
port... which you probably aren't).

Clear as mud ??

Cheers



