On Thu, Dec 19, 2019 at 06:35:13PM +0900, Lorenzo Colitti wrote: > On Fri, 13 Dec 2019, 20:49 Neil Horman, <nhorman@xxxxxxxxxxxxx> wrote: > > Just out of curiosity, why are the portreserve and portrelease utilities not a > > solution to this use case? > > As I understand it, those utilities keep the ports reserved by binding > to them so that no other process can. This doesn't work for Android > because there are conformance tests that probe the device from the > network and check that there are no open ports. > But you can address that with some augmentation to portreserve (i.e. just have it add an iptables rule to drop frames on that port, or respond with a port unreachable icmp message) Neil
