Size: 1362
Comment:
|
← Revision 4 as of 2023-07-19 15:23:36 ⇥
Size: 1501
Comment:
|
Line 4: | Line 4: |
---- == Connections == ---- == Name Resolution == See [[Linux/DNS|here]]. |
|
Line 27: | Line 41: |
== Ports == | == Address == |
Line 31: | Line 45: |
=== Privileged Ports === | === DHCP === === Ports === |
Line 45: | Line 63: |
---- | |
Line 47: | Line 66: |
== Firewalls == |
|
Line 48: | Line 70: |
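Review bot: The added `=== DHCP ===` heading (new Line 45) and `== Firewalls ==` heading (new Line 66) come in with no body text under them, so the page gains empty sections; add at least a one-line summary or a link, as the `== Name Resolution ==` section does with `See [[Linux/DNS|here]].`, or hold the headings back until there is content. The Comment field is also empty, so the history gives no reason for renaming `== Ports ==` to `== Address ==`.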
Linux Networking
Connections
Name Resolution
See here.
Routing
By default, the Linux kernel will not forward IP packets between interfaces, so the host cannot act as a router or NAT gateway.
To enable forwarding:
# works until reboot
sudo sh -c 'echo 1 > /proc/sys/net/ipv4/ip_forward'
# permanent
sudo sh -c 'echo "net.ipv4.ip_forward = 1" >> /etc/sysctl.conf'
Address
DHCP
Ports
Ports 1 through 1024 are privileged and can only be bound by root processes.
To adjust this range (e.g. to lower the privileged range so that a non-root process can bind port 80), try:
# works until reboot
sudo sh -c "echo 80 > /proc/sys/net/ipv4/ip_unprivileged_port_start"
# permanent
sudo sh -c 'echo "net.ipv4.ip_unprivileged_port_start=80" >> /etc/sysctl.conf'
Firewalls
Unix Sockets
Linux offers a file-like object that can act like TCP/IP sockets for inter-process communication. These are known as Unix sockets.
Some advantages to a Unix socket over a traditional TCP/IP socket are:
- as first class file-like objects, Unix sockets obey file permissions
- Unix sockets are only addressable on the local file system, mitigating some security concerns
- because there is no routing beyond filesystem lookups, Unix sockets can be faster
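The file-permission point above, as an added example that is not part of the original page: a listening Unix socket is created with mode 0600 so only its owner can connect, and the server then reads the connecting process's pid and uid. It goes one step beyond the list by using the Linux-only SO_PEERCRED option; the helper names bind_private_socket and peer_credentials and the socket name demo.sock are made up for this illustration.

```python
import os
import socket
import stat
import struct
import tempfile


def bind_private_socket(path, mode=0o600):
    """Bind a listening Unix socket whose filesystem node is created with `mode`."""
    srv = socket.socket(socket.AF_UNIX, socket.SOCK_STREAM)
    # Apply the permissions through umask at bind() time so the socket is never
    # briefly connectable by other users (bind() then chmod() leaves a window).
    old_umask = os.umask(0o777 & ~mode)
    try:
        srv.bind(path)
    finally:
        os.umask(old_umask)
    srv.listen(1)
    return srv


def peer_credentials(conn):
    """Return (pid, uid, gid) of the process at the other end (Linux SO_PEERCRED)."""
    raw = conn.getsockopt(socket.SOL_SOCKET, socket.SO_PEERCRED,
                          struct.calcsize("iII"))
    return struct.unpack("iII", raw)


def demo():
    """Bind a 0600 socket in a private temp dir, connect to it, inspect the peer."""
    with tempfile.TemporaryDirectory() as tmp:        # constructed demo location
        path = os.path.join(tmp, "demo.sock")         # hypothetical socket name
        with bind_private_socket(path) as srv, \
                socket.socket(socket.AF_UNIX, socket.SOCK_STREAM) as client:
            st = os.stat(path)
            client.connect(path)      # needs write permission on the socket file
            conn, _ = srv.accept()
            with conn:
                pid, uid, gid = peer_credentials(conn)
        return {
            "is_socket": stat.S_ISSOCK(st.st_mode),
            "mode": stat.S_IMODE(st.st_mode),
            "peer_is_this_process": pid == os.getpid(),
            "peer_uid_matches": uid == os.getuid(),
        }


if __name__ == "__main__":
    print(demo())
```

A server can compare the returned uid against an allow-list before serving the request, which gives caller authentication that a loopback TCP port does not provide.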