Lines Matching +full:port +full:- +full:id

7 .\" DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the
36 .Nd "network port access control policy"
38 To compile the port access control policy into your kernel,
41 .Bd -ragged -offset indent
46 Alternately, to load the port access control policy module at boot time,
48 .Bd -ragged -offset indent
73 and the port(s) protected by
92 connections where the process has not explicitly selected a port:
97 is enabled, it will control binding access to ports up to the port
104 controlled ports will fail if not explicitly allowed by the port
110 is set to a non-zero value.
114 MIBs are available for fine-tuning the enforcement of this MAC policy.
123 .Bl -tag -width indent
130 The highest port number
135 The port access control list is specified in the following format:
138 .D1 Ar idtype : id : protocol : port Op , Ar idtype : id : protocol : port , ...
140 .Bl -tag -width ".Ar protocol"
145 for user ID matching, or
147 for group ID matching.
148 .It Ar id
149 The user or group ID (depending on
151 allowed to bind to the specified port.
152 .Bf -emphasis
153 NOTE: User and group names are not valid; only the actual ID numbers
163 .It Ar port
164 Describes which port this entry applies to.
165 .Bf -emphasis
171 If the specified port falls within the range specified, the
175 port).
180 protected ports, even if the port access control list does not
184 Allow applications to use automatic binding to port 0.
185 Applications use port 0 as a request for automatic port allocation when
187 This tunable will exempt port 0 allocation from rule checking.
214 Inc.\& under DARPA/SPAWAR contract N66001-01-C-8035