Re: add openvpn 1194/udp/tcp port to /etc/services
On Tue, Mar 01 2022, Landry Breuil wrote: > Hi, > > while looking at other things i noticed OpenVPN wasnt in /etc/services. > > apparently its listed/registered by IANA since 2004 (i know, not a reason), > and > i have it on a debian 11 box and on a FreeBSD 12.2 server. > > i see two reasons: > - making sure another service doesnt squat the port for outgoing cnx, since > in some configs openvpn is started manually after boot > - write nicer pf rules :) > > oks ? yup (net/openvpn maintainer here) > Index: services > === > RCS file: /cvs/src/etc/services,v > retrieving revision 1.103 > diff -u -r1.103 services > --- services 2 Sep 2021 10:46:22 - 1.103 > +++ services 1 Mar 2022 10:18:08 - > @@ -173,6 +173,8 @@ > pop3s995/tcp spop3 # pop3 protocol over > TLS/SSL > socks1080/tcp# Socks > kpop 1109/tcp# Pop with Kerberos > +openvpn 1194/tcp# OpenVPN > +openvpn 1194/udp# OpenVPN > ms-sql-s 1433/tcpMicrosoft-SQL-Server > ms-sql-s 1433/udpMicrosoft-SQL-Server > ms-sql-m 1434/tcpMicrosoft-SQL-Monitor > -- jca | PGP : 0x1524E7EE / 5135 92C1 AD36 5293 2BDF DDCC 0DFA 74AE 1524 E7EE
Re: add openvpn 1194/udp/tcp port to /etc/services
On Tue, Mar 01, 2022 at 10:41:14AM +, Stuart Henderson wrote: > Probably best to wait a bit for other feedback, but: OK sthen Ok from me, too. Some of my subnets are routed to me via OpenVPN so I will be forced to keep using it for the foreseeable future. I have $openvpn_port variables in some pf.conf files...
Re: add openvpn 1194/udp/tcp port to /etc/services
On 2022/03/01 11:24, Landry Breuil wrote: > Hi, > > while looking at other things i noticed OpenVPN wasnt in /etc/services. > > apparently its listed/registered by IANA since 2004 (i know, not a reason), > and > i have it on a debian 11 box and on a FreeBSD 12.2 server. > > i see two reasons: > - making sure another service doesnt squat the port for outgoing cnx, since > in some configs openvpn is started manually after boot > - write nicer pf rules :) > > oks ? This is way more common than some entries already in the file and with the UDP variant we don't want e.g. ntpd randomly picking it as a port to use. (The protocol can use TCP or UDP so it's correct to list both). And since the file is installed directly to /etc/service rather than going via etc.tgz it's not really a "user modifiable" file where it can be added locally. Probably best to wait a bit for other feedback, but: OK sthen > Index: services > === > RCS file: /cvs/src/etc/services,v > retrieving revision 1.103 > diff -u -r1.103 services > --- services 2 Sep 2021 10:46:22 - 1.103 > +++ services 1 Mar 2022 10:18:08 - > @@ -173,6 +173,8 @@ > pop3s995/tcp spop3 # pop3 protocol over > TLS/SSL > socks1080/tcp# Socks > kpop 1109/tcp# Pop with Kerberos > +openvpn 1194/tcp# OpenVPN > +openvpn 1194/udp# OpenVPN > ms-sql-s 1433/tcpMicrosoft-SQL-Server > ms-sql-s 1433/udpMicrosoft-SQL-Server > ms-sql-m 1434/tcpMicrosoft-SQL-Monitor >
add openvpn 1194/udp/tcp port to /etc/services
Hi, while looking at other things i noticed OpenVPN wasnt in /etc/services. apparently its listed/registered by IANA since 2004 (i know, not a reason), and i have it on a debian 11 box and on a FreeBSD 12.2 server. i see two reasons: - making sure another service doesnt squat the port for outgoing cnx, since in some configs openvpn is started manually after boot - write nicer pf rules :) oks ? Index: services === RCS file: /cvs/src/etc/services,v retrieving revision 1.103 diff -u -r1.103 services --- services2 Sep 2021 10:46:22 - 1.103 +++ services1 Mar 2022 10:18:08 - @@ -173,6 +173,8 @@ pop3s 995/tcp spop3 # pop3 protocol over TLS/SSL socks 1080/tcp# Socks kpop 1109/tcp# Pop with Kerberos +openvpn1194/tcp# OpenVPN +openvpn1194/udp# OpenVPN ms-sql-s 1433/tcpMicrosoft-SQL-Server ms-sql-s 1433/udpMicrosoft-SQL-Server ms-sql-m 1434/tcpMicrosoft-SQL-Monitor