unbound.conf: also add outgoing-port-avoid: 0-32767 to ensure we
don't hit the SElinux restrictions of ephemeral ports
This commit is contained in:
Paul Wouters
parent
90b7fa1c7e
commit
24ebb22384
@ -80,7 +80,8 @@ server:
|
||||
# Use this to make sure unbound does not grab a UDP port that some
|
||||
# other server on this computer needs. The default is to avoid
|
||||
# IANA-assigned port numbers.
|
||||
# outgoing-port-avoid: "3200-3208"
|
||||
# Our SElinux policy does not allow non-ephemeral ports to be used
|
||||
outgoing-port-avoid: 0-32767
|
||||
|
||||
# number of outgoing simultaneous tcp buffers to hold per thread.
|
||||
# outgoing-num-tcp: 10
|
||||
|
||||
@ -282,6 +282,7 @@ exit 0
|
||||
- Enabled new max-udp-size: 3072 (so ANY isc.org won't fit)
|
||||
- Removed patched merged in by upstream
|
||||
- Enable statistics-cumulative for munin-plugin
|
||||
- Added outgoing-port-avoid: 0-32767 conformant to SElinux restrictions
|
||||
- Updated unbound.conf
|
||||
|
||||
* Mon Aug 26 2013 Tomas Hozza <thozza@redhat.com> - 1.4.20-19
|
||||
|
||||
Loading…
Reference in New Issue
Block a user