Linux Networking
Connections
Name Resolution
See here.
Routing
By default, the Linux kernel will not forward IP packets between interfaces (i.e. it will not route or NAT traffic for other hosts).
To enable forwarding:
    # works until reboot
    sudo sh -c 'echo 1 > /proc/sys/net/ipv4/ip_forward'
    # permanently
    sudo sh -c 'echo "net.ipv4.ip_forward = 1" >> /etc/sysctl.conf'
Address
DHCP
Ports
Ports 1 through 1024 are privileged and can only be bound by root processes.
To adjust this range (i.e. to lower the privileged range and allow a non-root process use of port 80), try:
    # works until reboot
    sudo sh -c "echo 80 > /proc/sys/net/ipv4/ip_unprivileged_port_start"
    # permanent
    sudo sh -c 'echo "net.ipv4.ip_unprivileged_port_start=80" >> /etc/sysctl.conf'
Firewalls
Unix Sockets
Linux offers a file-like object that can act like TCP/IP sockets for inter-process communication. These are known as Unix sockets.
Some advantages to a Unix socket over a traditional TCP/IP socket are:
- as first class file-like objects, Unix sockets obey file permissions
- Unix sockets are only addressable on the local file system, mitigating some security concerns
- because there is no routing beyond filesystem lookups, Unix sockets can be faster
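
The first two points above, as an added example that is not part of the original page: a Python sketch that creates a Unix socket only its owner can connect to and, going one step beyond the list, has the server read the connecting process's credentials with Linux's SO_PEERCRED. The function names, the app.sock file name and the temporary directory are assumptions made for illustration.

```python
import os
import socket
import stat
import struct
import tempfile


def bind_private(path):
    """Listen on a Unix socket whose file only the owning user may open."""
    old_umask = os.umask(0o177)          # bind() creates the file as 0600
    try:
        server = socket.socket(socket.AF_UNIX, socket.SOCK_STREAM)
        server.bind(path)
    finally:
        os.umask(old_umask)
    server.listen(1)
    return server


def peer_credentials(conn):
    """Return (pid, uid, gid) of the connecting process (Linux SO_PEERCRED)."""
    size = struct.calcsize("3i")
    raw = conn.getsockopt(socket.SOL_SOCKET, socket.SO_PEERCRED, size)
    return struct.unpack("3i", raw)


def demo():
    """Run server and client in one process; return what the server saw."""
    workdir = tempfile.mkdtemp(prefix="uds-demo-")   # mkdtemp makes it 0700
    path = os.path.join(workdir, "app.sock")         # hypothetical name
    server = bind_private(path)
    client = socket.socket(socket.AF_UNIX, socket.SOCK_STREAM)
    try:
        mode = stat.S_IMODE(os.stat(path).st_mode)
        client.connect(path)             # needs write permission on the file
        conn, _ = server.accept()
        with conn:
            pid, uid, _gid = peer_credentials(conn)
            # Server-side policy (assumed): only the socket owner is served.
            conn.sendall(b"ok" if uid == os.getuid() else b"denied")
        reply = client.recv(16)
    finally:
        client.close()
        server.close()
        os.unlink(path)                  # the socket file outlives close()
        os.rmdir(workdir)
    return mode, pid, uid, reply


if __name__ == "__main__":
    mode, pid, uid, reply = demo()
    print(f"mode={mode:o} peer pid={pid} uid={uid} reply={reply!r}")
```

A connect() from a different non-root user fails with a permission error, because connecting requires write permission on the socket file.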