On 13:38 Thu 13 Dec, Ted Unangst wrote:
> netstat -an tells me I am listening to all the udp.
>
> Active Internet connections (including servers)
> Proto Recv-Q Send-Q Local Address Foreign Address (state)
> udp 0 0 *.* *.*
> udp 0 0 127.0.0.1.53 *.*
> udp 0 0 *.* *.*
> udp 0 0 *.5353 *.*
> udp 0 0 *.* *.*
>
> What are those *.* sockets doing? How can you listen to all the ports?
>
> According to fstat, two belong to dhclient and one to chrome.
>
> root dhclient 55241 3* internet dgram udp *:0
> root dhclient 55241 5* internet dgram udp *:0
> tedu chrome 52839 107* internet dgram udp *:0
>
> Although now they are printed as *:0. How do such sockets work?
>
> And, perhaps more directly, how would I block this in pf.conf?
Wait, ain't
$ netstat -anl
should be used to get _listening_ sockets?
