On 2014/07/15 15:51, Antoine Jacoutot wrote:
> On Tue, Jul 15, 2014 at 12:22:37PM +0100, Craig R. Skinner wrote:
> >
> > Suggestion of add NSD, Unbound & BIND control ports to /etc/services:
> Makes sense to me. Anyone want to OK this?
I'll discuss tweaks to the diff below but I'm in two minds about whether
we want it. We don't enable the control socket in unbound by default at
present (there is a diff somewhere to move this to unix domain sockets
which we'd much prefer over network sockets..) Be aware, there is a
downside to adding entries to /etc/services on OpenBSD. It isn't just a
handy list of ports, it is used to populate net.inet.tcp.baddynamic and
net.inet.udp.baddynamic which are used to block off ports from dynamic
port allocation.
> > +named-rndc 953/tcp # Domain Name System (DNS) BIND
> > RNDC Service
> > +named-rndc 953/udp # Domain Name System (DNS) BIND
> > RNDC Service
BIND uses TCP for the control socket, so if this does go in, please
do not list the UDP one.
12345678901234567890123456789012345678901234567890123456789012345678901234567890
> > imaps 993/tcp # imap4 protocol over
> > TLS/SSL
> > imaps 993/udp # imap4 protocol over
> > TLS/SSL
> > pop3s 995/tcp spop3 # pop3 protocol over
> > TLS/SSL
> > @@ -301,6 +303,8 @@ spamd 8025/tcp #
> > spamd(8)
> > spamd-sync 8025/udp # spamd(8) synchronisation
> > spamd-cfg 8026/tcp # spamd(8) configuration
> > dhcpd-sync 8067/udp # dhcpd(8) synchronisation
> > +nsd-cntl 8952/tcp # NSD authoritative DNS server
> > control
> > +unbound-cntl 8953/tcp # Unbound validating,
> > recursive, and caching DNS server control
> > hunt 26740/udp # hunt(6)
+1 on sperreault's comment to use iana names. And let's try not
to go over 80 columns unnecessarily please.
