Re: [gridengine users] firewall on submit host

2016-08-25 Thread Tina Friedrich
Instead of messing with the qrsh mechanism, why don't you just change the local port range, if you want a smaller range for your firewall? /etc/sysctl.conf, add a line like (or if there is one modify it)

net.ipv4.ip_local_port_range = 32768 61000

(replacing the limits with ones you like). Tin

Re: [gridengine users] firewall on submit host

2016-08-25 Thread William Hay
On Thu, Aug 25, 2016 at 09:15:26AM +0100, William Hay wrote:
> On Wed, Aug 24, 2016 at 09:07:44PM +0200, Alexander Hasselhuhn wrote:
> > Dear Reuti,
> >
> > thanks for the reply, indeed at the moment there is a login node, but we
> > have plans to remove it (by setting up a route through our gate

Re: [gridengine users] firewall on submit host

2016-08-25 Thread William Hay
On Wed, Aug 24, 2016 at 09:07:44PM +0200, Alexander Hasselhuhn wrote:
> Dear Reuti,
>
> thanks for the reply, indeed at the moment there is a login node, but we have
> plans to remove it (by setting up a route through our gateway, which makes
> some administrative tasks more smooth) and restrict

Re: [gridengine users] firewall on submit host

2016-08-24 Thread Alexander Hasselhuhn
Dear Reuti, thanks for the reply, indeed at the moment there is a login node, but we have plans to remove it (by setting up a route through our gateway, which makes some administrative tasks more smooth) and restricting access using firewalls. I like your idea of restricting the address range

Re: [gridengine users] firewall on submit host

2016-08-24 Thread Reuti
Hi,

On 24.08.2016 at 19:33, Alexander Hasselhuhn wrote:
> does anyone know which ports I would have to insert into my firewall config
> for qrsh to work? It seems qrsh opens a port on the submit host and listens
> on it. The ports seem to change randomly for each execution of qrsh.

How is the

Re: [gridengine users] firewall on submit host

2016-08-24 Thread Alexander Hasselhuhn
OK, after having had a look into the source, I found the answer myself: the range is not configurable. qrsh uses bind() and gets an automatically assigned port, which is taken from the range of Dynamic and/or Private Ports, which on my system are set in /proc/sys/net/ipv4/ip_local_port_range to

[gridengine users] firewall on submit host

2016-08-24 Thread Alexander Hasselhuhn
Hi, does anyone know which ports I would have to insert into my firewall config for qrsh to work? It seems qrsh opens a port on the submit host and listens on it. The ports seem to change randomly for each execution of qrsh. Btw. I'm using OGS/GE 2011.11p1. Thanks, Alex