Claudio Jeker([email protected]) on 2018.12.17 08:25:07 +0100:
> On Sun, Dec 16, 2018 at 05:09:06PM -0500, Ted Unangst wrote:
> > Claudio Jeker wrote:
> > > On Fri, Dec 14, 2018 at 01:26:25PM -0500, Ted Unangst wrote:
> > > > Philip Guenther wrote:
> > > > > And, perhaps more directly, how would I block this in pf.conf?
> > > > > >
> > > > > 
> > > > > Excellent choice, blocking dhclient from receiving the leases that it
> > > > > requests.
> > > > > "What problem are you trying to solve?"
> > > > 
> > > > Well, this may be something of a lost cause, but I would prefer that
> > > > chrome not listen for stuff I don't understand. It listens on port 5353
> > > > as well, for mDNS, and I can block that easily enough. It's the socket
> > > > without a port that's giving me trouble.
> > > 
> > > But a socket without a port is not listening on anything. It will not get
> > > any packets. It does not need to be filtered. This is how UDP works, it is
> > > a connectionless protocol.
> > 
> > ok, thank you, I was confused because they show up in netstat -ln too. I
> > guess that's just historic behavior.

nothing historic about it, i added -l last year.

but i wanted to keep it simple, i thought that it's obvious what "listening"
sockets mean in this context (i.e. that it only really is a concept in TCP).

> I guess we should change that. Problem is that UDP does not support
> listen(2) and so there is no listening state. Should netstat exclude all
> of UDP when using -l 

here is a diff for that

> or what should it show? Only sockets that are bound
> but not connected (local port != 0 but remote addr/port = 0)?

see my other mail for that diff.

(netstat_l_only_tcp.diff)

diff --git usr.bin/netstat/main.c usr.bin/netstat/main.c
index 17c889768a2..6bf155205ee 100644
--- usr.bin/netstat/main.c
+++ usr.bin/netstat/main.c
@@ -189,6 +189,8 @@ main(int argc, char *argv[])
                        break;
                case 'l':
                        lflag = 1;
+                       tp = knownname("tcp");
+                       pflag = 1;
                        break;
                case 'M':
                        memf = optarg;
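Review bot: `-l` silently overrides any protocol the user already selected with an earlier `-p`, since `tp = knownname("tcp")` replaces whatever `-p` stored, while the reverse order (`-l` first, then `-p`) is handled differently in the `case 'p'` hunk; the two orders should not behave differently. Either reject the combination explicitly (a usage error when both `-l` and `-p` are given) or, if `-l` is meant to imply `-p tcp`, say so in netstat(1) and the usage string. It is also worth confirming that `knownname("tcp")` cannot return NULL here, because `tp` is dereferenced later and the `-p` path guards that case while this one does not.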
@@ -203,7 +205,8 @@ main(int argc, char *argv[])
                        nflag = 1;
                        break;
                case 'p':
-                       if ((tp = name2protox(optarg)) == NULL) {
+                       if (pflag == 0 &&
+                           (tp = name2protox(optarg)) == NULL) {
                                (void)fprintf(stderr,
                                    "%s: %s: unknown protocol\n",
                                    __progname, optarg);
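Review bot: with `pflag` already set by `-l`, the `pflag == 0 &&` short-circuit skips `name2protox(optarg)` entirely, so `-l -p bogus` is no longer diagnosed as an unknown protocol and `-l -p udp` is silently ignored instead of rejected. Suggest keeping `if ((tp = name2protox(optarg)) == NULL)` as it was so the argument is always validated, and adding a separate check after option parsing that reports an error when `lflag` and a user-supplied `-p` were both given.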

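The claim in the thread that a UDP socket without a port "will not get any packets" is easy to verify directly. The following program is an added example and not code from the thread or from OpenBSD: it creates a UDP socket, reads back its local port with getsockname(2) before and after bind(2), and shows that a datagram can only be delivered once the kernel has assigned a port. The loopback address, the "ping" payload and the 2 second poll timeout are assumptions made for the example; it uses only the standard BSD sockets API and runs on OpenBSD or Linux.

```c
/* Added example (not from the thread): why an unbound UDP socket, which
 * netstat lists with a local port of 0, needs no firewall rule.
 * Assumptions: loopback is up, and a 2 second timeout is enough for a
 * datagram to cross it. */
#include <arpa/inet.h>
#include <errno.h>
#include <netinet/in.h>
#include <poll.h>
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>
#include <unistd.h>

/* Local port as netstat would report it; 0 means no port was assigned. */
int local_port(int fd)
{
    struct sockaddr_in sin;
    socklen_t len = sizeof(sin);

    memset(&sin, 0, sizeof(sin));
    if (getsockname(fd, (struct sockaddr *)&sin, &len) == -1)
        return -1;
    return ntohs(sin.sin_port);
}

/* A freshly created, never bound UDP socket: expected port 0. */
int unbound_udp_port(void)
{
    int fd = socket(AF_INET, SOCK_DGRAM, 0);
    if (fd == -1)
        return -1;
    int port = local_port(fd);
    close(fd);
    return port;
}

/* Non-blocking receive on an unbound socket: there is no port for a
 * sender to target, so nothing is ever queued. Returns 0 when the kernel
 * reports nothing pending, 1 if data arrived, -1 on another error. */
int unbound_udp_receives(void)
{
    char buf[64];
    int fd = socket(AF_INET, SOCK_DGRAM, 0);
    if (fd == -1)
        return -1;
    ssize_t n = recv(fd, buf, sizeof(buf), MSG_DONTWAIT);
    int saved = errno;
    close(fd);
    if (n >= 0)
        return 1;
    return (saved == EAGAIN || saved == EWOULDBLOCK) ? 0 : -1;
}

/* bind(2) to 127.0.0.1 with port 0 so the kernel picks an ephemeral port,
 * then send a constructed "ping" datagram to that port from a second
 * socket. Returns 1 if it is delivered, 0 on timeout, -1 on error. */
int bound_udp_receives(void)
{
    struct sockaddr_in sin;
    struct pollfd pfd;
    char buf[64];
    int rx = socket(AF_INET, SOCK_DGRAM, 0);
    int tx = socket(AF_INET, SOCK_DGRAM, 0);
    int result = -1;

    if (rx == -1 || tx == -1)
        goto out;
    memset(&sin, 0, sizeof(sin));
    sin.sin_family = AF_INET;
    sin.sin_addr.s_addr = htonl(INADDR_LOOPBACK);
    sin.sin_port = 0;                       /* let the kernel choose */
    if (bind(rx, (struct sockaddr *)&sin, sizeof(sin)) == -1)
        goto out;
    int port = local_port(rx);              /* now nonzero */
    if (port <= 0)
        goto out;
    sin.sin_port = htons(port);
    if (sendto(tx, "ping", 4, 0, (struct sockaddr *)&sin, sizeof(sin)) != 4)
        goto out;
    pfd.fd = rx;
    pfd.events = POLLIN;
    int ready = poll(&pfd, 1, 2000);
    if (ready == 0) { result = 0; goto out; }
    if (ready < 0)
        goto out;
    ssize_t n = recv(rx, buf, sizeof(buf), 0);
    result = (n == 4 && memcmp(buf, "ping", 4) == 0) ? 1 : 0;
out:
    if (rx != -1) close(rx);
    if (tx != -1) close(tx);
    return result;
}

int main(void)
{
    printf("unbound socket local port: %d\n", unbound_udp_port());
    printf("unbound socket receives:   %d\n", unbound_udp_receives());
    printf("bound socket receives:     %d\n", bound_udp_receives());
    return 0;
}
```

The first two results are what the thread is about: the socket exists and shows up in socket listings, but with port 0 there is nothing a remote peer can address, so a pf rule for it has nothing to match. Only after bind(2) does a port appear, and that is the entry worth filtering.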