mirror/freebsd-ports
1
0
Fork 0
mirror of https://git.FreeBSD.org/ports.git synced 2025-01-06 06:30:19 +00:00
Code Issues Releases Activity
5349e79716
freebsd-ports/dns/dnscrypt-proxy2/files
History
Danilo G. Baio 97d8640199 dns/dnscrypt-proxy2: Add mac_portacl option in rc script 
Version 2 of dnscrypt-proxy is written in Go and therefore isn't capable
of dropping privileges after binding to a low port on FreeBSD.

By default, this port's daemon will listen on port 5353 (TCP/UDP).

With this option it's possible to bind it and listen on port 53 (TCP/UDP)
with mac_portacl(4) kernel module (network port access control policy).
For this add dnscrypt_proxy_mac_portacl_enable=YES in your rc.conf.
The dnscrypt-proxy startup script will load mac_portacl and add a rule
where %%USER%% user will be able to bind on port 53 (TCP/UDP). This port
can be changed by dnscrypt_proxy_mac_portacl_port variable in your rc.conf.
You also need to change dnscrypt-proxy config file to use port 53.

Suggested by:	feld
Approved by:	egypcio@googlemail.com (maintainer)
Differential Revision:	https://reviews.freebsd.org/D15151
2018-04-24 01:06:47 +00:00
..
dnscrypt-proxy.in dns/dnscrypt-proxy2: Add mac_portacl option in rc script 2018-04-24 01:06:47 +00:00
pkg-message.in dns/dnscrypt-proxy2: Add mac_portacl option in rc script 2018-04-24 01:06:47 +00:00