Simplify random port allocation, and add net.inet.ip.portrange.randomized,

which can be used to turn off randomized port allocation if so desired. Requested by: alfred
svn path=/head/; revision=128547
2025-01-16 15:11:52 +00:00 · 2004-04-22 08:32:14 +00:00 · 2004-04-22 08:32:14 +00:00 · 6ac48b7409 · 2020-12-20 02:59:44 +00:00
commit 6ac48b7409
parent b1084a1e96
1 changed files with 13 additions and 27 deletions
--- a/sys/netinet/in_pcb.c
+++ b/sys/netinet/in_pcb.c
@ -97,6 +97,9 @@ int	ipport_hilastauto  = IPPORT_HILASTAUTO;		/* 65535 */
 int	ipport_reservedhigh = IPPORT_RESERVED - 1;	/* 1023 */
 int	ipport_reservedlow = 0;

+/* Shall we allocate ephemeral ports in random order? */
+int	ipport_randomized = 1;
+
 #define RANGECHK(var, min, max) \
 	if ((var) < (min)) { (var) = (min); } \
 	else if ((var) > (max)) { (var) = (max); }
@ -138,6 +141,8 @@ SYSCTL_INT(_net_inet_ip_portrange, OID_AUTO, reservedhigh,
 	   CTLFLAG_RW|CTLFLAG_SECURE, &ipport_reservedhigh, 0, "");
 SYSCTL_INT(_net_inet_ip_portrange, OID_AUTO, reservedlow,
 	   CTLFLAG_RW|CTLFLAG_SECURE, &ipport_reservedlow, 0, "");
+SYSCTL_INT(_net_inet_ip_portrange, OID_AUTO, randomized,
+	   CTLFLAG_RW, &ipport_randomized, 0, "");

 /*
 * in_pcb.c: manage the Protocol Control Blocks.
@ -377,7 +382,7 @@ in_pcbbind_setup(inp, nam, laddrp, lportp, cred)
 	if (*lportp != 0)
 		lport = *lportp;
 	if (lport == 0) {
-		u_short first, last, old;
+		u_short first, last;
 		int count, loopcount;

 		if (laddr.s_addr != INADDR_ANY)
@ -406,27 +411,17 @@ in_pcbbind_setup(inp, nam, laddrp, lportp, cred)
 		 * We split the two cases (up and down) so that the direction
 		 * is not being tested on each round of the loop.
 		 */
-		loopcount = old = 0;
-portloop:
+		loopcount = 0;
 		if (first > last) {
 			/*
 			 * counting down
 			 */
-			if (loopcount == 0) {	/* only do this once */
-				old = first;
-				first -= (arc4random() % (first - last));
-			}
+			if (ipport_randomized)
+				*lastport = first - (arc4random() % (first - last));
 			count = first - last;
-			*lastport = first;		/* restart each time */
 			do {
-				if (count-- < 0) {	/* completely used? */
-					if (loopcount == 0) {
-						last = old;
-						loopcount++;
-						goto portloop;
-					}
+				if (count-- < 0)	/* completely used? */
 					return (EADDRNOTAVAIL);
-				}
 				--*lastport;
 				if (*lastport > first || *lastport < last)
 					*lastport = first;
@ -437,21 +432,12 @@ in_pcbbind_setup(inp, nam, laddrp, lportp, cred)
 			/*
 			 * counting up
 			 */
-			if (loopcount == 0) {	/* only do this once. */
-				old = first;
-				first += (arc4random() % (last - first));
-			}
+			if (ipport_randomized)
+				*lastport = first + (arc4random() % (last - first));
 			count = last - first;
-			*lastport = first;		/* restart each time */
 			do {
-				if (count-- < 0) {	/* completely used? */
-					if (loopcount == 0) {
-						first = old;
-						loopcount++;
-						goto portloop;
-					}
+				if (count-- < 0)	/* completely used? */
 					return (EADDRNOTAVAIL);
-				}
 				++*lastport;
 				if (*lastport < first || *lastport > last)
 					*lastport = first;