From 125101d535f385cbebab9ff140a0441cccbcd16f Mon Sep 17 00:00:00 2001 From: jbjohnso Date: Fri, 11 Apr 2008 18:12:10 +0000 Subject: [PATCH] -Restrict discovery to require binding to a privileged port on the node end git-svn-id: https://svn.code.sf.net/p/xcat/code/xcat-core/trunk@1024 8638fb3e-16cb-4fca-ae20-7b5d299a9bcd --- xCAT-server-2.0/sbin/xcatd | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/xCAT-server-2.0/sbin/xcatd b/xCAT-server-2.0/sbin/xcatd index 7c7038e84..5c0f7a1cf 100755 --- a/xCAT-server-2.0/sbin/xcatd +++ b/xCAT-server-2.0/sbin/xcatd @@ -283,7 +283,9 @@ if ($inet6support) { while ($select->can_read(0)) { #Pull all buffer data that can be pulled $part = $socket->recv($data,1500); ($sport,$client) = sockaddr_in($part); - $packets{inet_ntoa($client)} = [$part,$data]; + if ($sport < 1000) { #Only remember udp packets from privileged ports + $packets{inet_ntoa($client)} = [$part,$data]; + } } foreach my $pkey (keys %packets) { ($sport,$client) = sockaddr_in($packets{$pkey}->[0]); @@ -291,7 +293,7 @@ if ($inet6support) { $peerhost=gethostbyaddr($client,AF_INET)."\n"; my $req = eval { XMLin($data, SuppressEmpty=>undef,ForceArray=>1) }; if ($req and $req->{command} and ($req->{command}->[0] eq "findme")) { - $req->{'_xcat_clienthost'}=gethostbyaddr($client,AF_INET)."\n"; + $req->{'_xcat_clienthost'}=gethostbyaddr($client,AF_INET); $req->{'_xcat_clientip'}=inet_ntoa($client); $req->{'_xcat_clientport'}=$sport; if (defined($cmd_handlers{"findme"})) {