On Fri, Dec 18, 2015 at 12:40:46PM +0300, Efim wrote: > CAD opens random port because the option WEBPORT has default value "0 0" and > CAD randomly assign a free TCPport (the first parameter for CAD, the second > for WEB client). > I think it’s impossible to prevent this. > As workaround you can set fixed port(s) and close it using firewall. > Example: WEBPORT 55000 0 or WEBPORT 55000 55001
Am I the only one that finds this design totally unacceptable? If you're not using the webclient functionality and are only using schedmode polling, I don't see any reason why dsmcad (often running as root, so the security implications are obvious) should listen to a network port. Perhaps there is something I am not aware of? One might think that setting tcpclientaddress to 127.0.0.1 (localhost) would somewhat migitate this, but no - it does not have any effect if you are not using schedmode prompted. Yes, of course it is always possible to use host-based firewalls to close the ports, but it is a workaround that really should not be necessary.
