Re: [PATCH RESEND] ip.7: Document IP_LOCAL_PORT_RANGE socket option

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hi Jakub,

On 7/7/23 16:17, Jakub Sitnicki wrote:
Linux commit 91d0b78c5177 ("inet: Add IP_LOCAL_PORT_RANGE socket option")
introduced a new socket option available for AF_INET and AF_INET6 sockets.

Option is available starting from Linux 6.3. Document it.

Reviewed-by: Simon Horman <simon.horman@xxxxxxxxxxxx>
Signed-off-by: Jakub Sitnicki <jakub@xxxxxxxxxxxxxx>
---
Resending the man page update now that the feature has been released.
Previous submission can be found at [1].

I'm the author of the feature. We did a technical review of the man page text
together with the code [2].

Thanks!  Patch applied.

Cheers,
Alex


[1]: https://lore.kernel.org/all/20230201123634.284689-1-jakub@xxxxxxxxxxxxxx/
[2]: https://lore.kernel.org/all/20221221-sockopt-port-range-v6-0-be255cc0e51f@xxxxxxxxxxxxxx/
---
  man7/ip.7 | 21 +++++++++++++++++++++
  1 file changed, 21 insertions(+)

diff --git a/man7/ip.7 b/man7/ip.7
index 92ecf4b3e..c97a917ff 100644
--- a/man7/ip.7
+++ b/man7/ip.7
@@ -499,6 +499,27 @@ and
  .B IP_TOS
  are ignored.
  .TP
+.BR IP_LOCAL_PORT_RANGE " (since Linux 6.3)"
+Set or get the per-socket default local port range. This option can be used to
+clamp down the global local port range, defined by the
+.I ip_local_port_range
+.I /proc
+interface described below, for a given socket.
+.IP
+The option takes an
+.I uint32_t
+value with the high 16 bits set to the upper range bound, and the low 16 bits
+set to the lower range bound. Range bounds are inclusive. The 16-bit values
+should be in host byte order.
+.IP
+The lower bound has to be less than the upper bound when both bounds are not
+zero. Otherwise, setting the option fails with EINVAL.
+.IP
+If either bound is outside of the global local port range, or is zero, then that
+bound has no effect.
+.IP
+To reset the setting, pass zero as both the upper and the lower bound.
+.TP
  .BR IP_MSFILTER " (since Linux 2.4.22 / 2.5.68)"
  This option provides access to the advanced full-state filtering API.
  Argument is an

--
<http://www.alejandro-colomar.es/>
GPG key fingerprint: A9348594CE31283A826FBDD8D57633D441E25BB5

Attachment: OpenPGP_signature
Description: OpenPGP digital signature


[Index of Archives]     [Kernel Documentation]     [Netdev]     [Linux Ethernet Bridging]     [Linux Wireless]     [Kernel Newbies]     [Security]     [Linux for Hams]     [Netfilter]     [Bugtraq]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux RAID]     [Linux Admin]     [Samba]

  Powered by Linux