From nobody@FreeBSD.org  Wed Feb 13 14:48:14 2002
Return-Path: <nobody@FreeBSD.org>
Received: from freefall.freebsd.org (freefall.FreeBSD.org [216.136.204.21])
	by hub.freebsd.org (Postfix) with ESMTP id 18BF837B41A
	for <freebsd-gnats-submit@FreeBSD.org>; Wed, 13 Feb 2002 14:48:14 -0800 (PST)
Received: (from nobody@localhost)
	by freefall.freebsd.org (8.11.6/8.11.6) id g1DMmEQ01440;
	Wed, 13 Feb 2002 14:48:14 -0800 (PST)
	(envelope-from nobody)
Message-Id: <200202132248.g1DMmEQ01440@freefall.freebsd.org>
Date: Wed, 13 Feb 2002 14:48:14 -0800 (PST)
From: Gerd Knops <gerti-freebsd@bitart.com>
To: freebsd-gnats-submit@FreeBSD.org
Subject: portmap can not exclusively bind to 127.0.0.1 [patch included]
X-Send-Pr-Version: www-1.0

>Number:         34919
>Category:       bin
>Synopsis:       portmap can not exclusively bind to 127.0.0.1 [patch included]
>Confidential:   no
>Severity:       non-critical
>Priority:       medium
>Responsible:    freebsd-bugs
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          change-request
>Submitter-Id:   current-users
>Arrival-Date:   Wed Feb 13 14:50:02 PST 2002
>Closed-Date:    Sun Nov 24 03:38:31 PST 2002
>Last-Modified:  Sun Nov 24 03:38:31 PST 2002
>Originator:     Gerd Knops
>Release:        4.5 stable
>Organization:
BITart Consulting
>Environment:
FreeBSD install.bitart.com 4.5-STABLE FreeBSD 4.5-STABLE #0: Wed Feb 13 15:55:02 CST 2002     me@install.bitart.com:/usr/obj/usr/src/sys/INFAX_BAK  i386

>Description:
When using software like the Cryptographic File System (pretends to be an NFS server) it may be desirable to bind portmap only to address 127.0.0.1.

Under 4.5 stable this isn't possible. '-h 127.0.0.1' results in portmap attempting to bind to 127.0.0.1 twice, and it fails.

The patch below introduces the '-l' flag which enables portmap to bind to 127.0.0.1 exclusively.
>How-To-Repeat:
      
>Fix:
--- portmap.c.orig	Wed Feb 13 16:01:01 2002
+++ portmap.c	Wed Feb 13 16:05:45 2002
@@ -122,8 +122,9 @@
 	struct sockaddr_in addr;
 	int len = sizeof(struct sockaddr_in);
 	register struct pmaplist *pml;
+	int local = 0;
 
-	while ((c = getopt(argc, argv, "dvh:")) != -1) {
+	while ((c = getopt(argc, argv, "dvlh:")) != -1) {
 		switch (c) {
 
 		case 'd':
@@ -139,6 +140,9 @@
 			hosts = realloc(hosts, nhosts * sizeof(char *));
 			hosts[nhosts - 1] = optarg;
 			break;
+		case 'l':
+			local = 1;
+			break;
 
 		default:
 			usage();
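Review bot: the new `case 'l':` is accepted by getopt, but no hunk in this patch touches usage(), which the `default:` branch right below it still calls, so the usage text should gain `[-l]` in the same change. It would also help to decide here what `-l` means when `-h` is given as well; as written the two are silently accepted together.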
@@ -163,6 +167,7 @@
 	hosts = realloc(hosts, nhosts * sizeof(char *));
 	if (nhosts == 1)
 		hosts[0] = "0.0.0.0";
+		if(local == 1) hosts[0] = "127.0.0.1";
 	else
 		hosts[nhosts - 1] = "127.0.0.1";
 
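Review bot: the added `if(local == 1) hosts[0] = "127.0.0.1";` sits between the unbraced `if (nhosts == 1)` and its `else`, so the `else` now pairs with the new `if` and the indentation is misleading. Without `-l`, control always reaches `hosts[nhosts - 1] = "127.0.0.1";`, which for nhosts == 1 overwrites the "0.0.0.0" just stored, so a plain portmap would end up listening on loopback only. With `-l` plus `-h`, hosts[0] (the first `-h` entry) is replaced and the slot at hosts[nhosts - 1] that the `else` branch used to fill is left unassigned after the realloc. Suggest bracing the branches and folding the flag into the first one, for example `hosts[0] = local ? "127.0.0.1" : "0.0.0.0";` under `if (nhosts == 1)`, leaving the original `else` untouched, and rejecting `-l` together with `-h` during option parsing.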
--- portmap.8.orig	Wed Feb 13 16:06:35 2002
+++ portmap.8	Wed Feb 13 16:17:22 2002
@@ -48,6 +48,7 @@
 .Nm
 .Op Fl d
 .Op Fl v
+.Op Fl l
 .Op Fl h Ar bindip
 .Sh DESCRIPTION
 .Nm Portmap
@@ -114,6 +115,10 @@
 to portmap returning a udp packet from a different IP address then it was
 sent to.  Note that when specifying ip addresses with -h,
 portmap will automatically add 127.0.0.1 to the list so you don't have to.
+.It Fl l
+This option allows for portmap to bind to 127.0.0.1 only.  This can be
+used if you want to run CFS (Cryptographic File System) and want to
+only allow local access.
 .El
 .Sh SEE ALSO
 .Xr hosts_access 5 ,
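Review bot: the new `.It Fl l` entry does not say how `-l` interacts with `-h`, even though the paragraph just above it states that portmap automatically adds 127.0.0.1 when `-h` is used. Suggest stating whether the two options are mutually exclusive, and wording the entry as a direct description such as "Bind to 127.0.0.1 only." in line with the other option entries.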

>Release-Note:
>Audit-Trail:
State-Changed-From-To: open->closed 
State-Changed-By: maxim 
State-Changed-When: Sun Nov 24 03:37:20 PST 2002 
State-Changed-Why:  
Duplicate of bin/30235. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=34919 
>Unformatted:
