I don't know how happy I am about this. Whatever sets up the
transparent
proxy business can block any attempt to communicate over these ports.
Also, protocols like SCTP need the new handling too.
Hi David
The purpose of this patch was to allow the transparent proxy application
to block the specific socket ranges to prevent the communication on the
specific ports.
Dropping packets for this particular port using iptables could lead to
applications on the system getting stuck without getting a socket error.
If bind fails explicitly, the application can atleast retry for some
other
port.
Is there some alternate existing mechanism to achieve this already?
--
Qualcomm Innovation Center, Inc. is a member of Code Aurora Forum,
a Linux Foundation Collaborative Project
