[Openswan Users] Issue with openswan opening a TCP port that conflicts with another service

Elison Niven elison.niven at elitecore.com
Tue Jul 31 08:23:13 EDT 2012


Hi,

I think you may be calling "service ipsec xxx" using execve or system() 
from another program.
Is it so ? TCP port 3082 might be opened by your program that invokes pluto.
http://stackoverflow.com/questions/6945865/process-started-from-system-command-in-c-inherits-parent-fds
Your child process inherits every open file descriptor from the parent, 
including the sockets you opened.

On Tuesday 31 July 2012 07:57 AM, Willie Gillespie wrote:
> On 07/30/2012 04:54 PM, Igor Lasic wrote:
>> Hello Muhammad, thanks for responding.
>>
>> I am seeing TCP port 3082 opened as in below. We have also tried with
>> port 3081 and got the same result where pluto took it.
>>
>> Unfortunately we cannot guarantee the order in which services will start
>> and cannot use other means such as SE security.
>>
>> netstat -nap | grep 3082
>> *tcp        0      0 0.0.0.0:3082 0.0.0.0:* LISTEN
>> _7450_/sh*
>
> Very strange.  My installs only show they are listening on UDP/500 and 
> UDP/4500.
>
> They also show the PID/pluto (instead of the PID/sh that yours show).
>
> Do you think something is messed up with your installation?
> _______________________________________________
> Users at lists.openswan.org
> https://lists.openswan.org/mailman/listinfo/users
> Micropayments: https://flattr.com/thing/38387/IPsec-for-Linux-made-easy
> Building and Integrating Virtual Private Networks with Openswan:
> http://www.amazon.com/gp/product/1904811256/104-3099591-2946327?n=283155
>
>

-- 
Best Regards,
Elison Niven

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openswan.org/pipermail/users/attachments/20120731/6ded3f3b/attachment.html>


More information about the Users mailing list