[Dnsmasq-discuss] DNS query random ports

Simon Kelley simon at thekelleys.org.uk
Tue Aug 21 22:24:30 BST 2018


On 10/08/18 13:37, Petr Menšík wrote:
> Hello,
> 
> we discovered our dnsmasq was also using privileged source ports when
> sending queries. Interestingly enough, it has the right to do it, because it
> also has to listen on a privileged port. It never drops that privilege.
> 
> It was fixed in commit [1]. But my question is, why is there even a custom
> generator of random ports, when the OS can do it itself? And usually far
> better? So I dug a bit into it and came up with a patch that would use
> random ports from the OS by default.
> 
> When I tested it, I got the same results when skipping the bind() call on
> random ports altogether. Is there some reason why dnsmasq does not follow
> the OS policy for the outgoing source port and chooses its own range by itself?
> 
> 1.
> http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=baf553db0cdb50707ddab464fb3eff7786ea576c
> 

The random port code was added to dnsmasq in response to the Kaminsky
Birthday attack paper, which was in 2009. At that point, there were
still people seriously running routers (and therefore dnsmasq) on Linux
2.0 kernels. As best I remember, I did it the way I did because I
couldn't be sure that all the platforms dnsmasq would run on would
allocate sufficiently random ports: RFC6056 was still more than a year
in the future.


I'm sure that code could be simplified now.

Simon.
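An added example in C (my own illustration, not dnsmasq's code or either poster's patch) of the two approaches the thread compares: letting the kernel autobind by never calling bind(), versus an application-side generator that draws its own port from /dev/urandom and refuses the privileged range, which is the defect the linked commit fixed. It also draws a run of kernel-chosen ports and counts +1 steps between consecutive draws, the cheap check for whether a platform randomises at all. The connect() target 127.0.0.1:53 is an assumption used only to trigger autobind; UDP connect() sends nothing, so nothing has to listen there.

```c
/* Added example (not dnsmasq's own code): two ways a resolver can get a
 * random source port for an outgoing UDP query, plus a sanity check on what
 * the kernel hands out. Assumption: 127.0.0.1:53 is only a connect() target;
 * UDP connect() sends nothing, so nothing needs to listen there. */
#include <arpa/inet.h>
#include <fcntl.h>
#include <netinet/in.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>
#include <unistd.h>

/* (a) Skip bind(): connect() on an unbound UDP socket makes the kernel
 * autobind an ephemeral port; read it back with getsockname(). */
int os_ephemeral_port(void)
{
    int fd = socket(AF_INET, SOCK_DGRAM, 0), port = -1;
    if (fd < 0)
        return -1;
    struct sockaddr_in dst = {0}, src;
    socklen_t len = sizeof src;
    dst.sin_family = AF_INET;
    dst.sin_port = htons(53);
    dst.sin_addr.s_addr = htonl(INADDR_LOOPBACK);
    if (connect(fd, (struct sockaddr *)&dst, sizeof dst) == 0 &&
        getsockname(fd, (struct sockaddr *)&src, &len) == 0)
        port = ntohs(src.sin_port);
    close(fd);
    return port;
}

/* (b) The application picks the port from /dev/urandom. Ports below 1024 are
 * rejected: a process that keeps the right to bind privileged ports (it has
 * to listen on 53) would otherwise use them for queries, the bug the thread
 * describes. bind() failures (port taken or reserved) are retried. The bound
 * socket is returned via *fd_out, or closed when fd_out is NULL. */
int custom_random_port(int *fd_out)
{
    int rnd = open("/dev/urandom", O_RDONLY), port = -1;
    if (rnd < 0)
        return -1;
    for (int attempt = 0; attempt < 64 && port < 0; attempt++) {
        uint16_t r;
        if (read(rnd, &r, sizeof r) != sizeof r)
            break;
        if (r < 1024)           /* rejection sampling, so no modulo bias */
            continue;
        int fd = socket(AF_INET, SOCK_DGRAM, 0);
        if (fd < 0)
            break;
        struct sockaddr_in src = {0};
        src.sin_family = AF_INET;
        src.sin_port = htons(r);
        src.sin_addr.s_addr = htonl(INADDR_ANY);
        if (bind(fd, (struct sockaddr *)&src, sizeof src) == 0) {
            port = r;
            if (fd_out)
                *fd_out = fd;
            else
                close(fd);
        } else {
            close(fd);          /* EADDRINUSE etc.: draw another port */
        }
    }
    close(rnd);
    return port;
}

/* Stats over n consecutive kernel-chosen ports (socket closed after each
 * draw): distinct values seen, and steps of exactly +1 between draws. The
 * latter is high on a kernel that allocates sequentially (the kind of
 * platform the reply above could not rule out) and near zero when it
 * randomises as RFC 6056 recommends. */
struct port_stats { int samples, distinct, sequential; };

struct port_stats kernel_port_stats(int n)
{
    static unsigned char seen[65536];
    struct port_stats s = {0, 0, 0};
    int prev = -1;
    memset(seen, 0, sizeof seen);
    for (int i = 0; i < n; i++) {
        int p = os_ephemeral_port();
        if (p < 0)
            break;
        s.samples++;
        if (!seen[p]) { seen[p] = 1; s.distinct++; }
        if (prev >= 0 && p == prev + 1)
            s.sequential++;
        prev = p;
    }
    return s;
}

int main(void)
{
    struct port_stats s = kernel_port_stats(200);
    printf("kernel: %d drawn, %d distinct, %d sequential steps\n",
           s.samples, s.distinct, s.sequential);
    printf("application-chosen port: %d\n", custom_random_port(NULL));
    return 0;
}
```

One trade-off worth keeping in mind when deciding between the two: the kernel draws from net.ipv4.ip_local_port_range (32768-60999 by default on current Linux, roughly 15 bits of port entropy), whereas an application-side generator can use most of 1024-65535 (roughly 16 bits). Either is adequate against a Kaminsky-style guess only if the draw is actually uniform, which is what the sequential-step count is there to flag.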
