SoFunction
Updated on 2025-03-02

Avoid port conflict between client and server in Linux

In Linux systems, several strategies can prevent client programs from being given a port that a server program binds (for example, 12345) when TCP source ports are allocated. First, reserving the port with ip_local_reserved_ports marks port 12345 as one the operating system must not allocate automatically, which ensures that the client will not use it. Second, the client's source port range can be specified manually, or a firewall (iptables/nftables) can restrict the use of certain ports. Checking at the program level and adjusting the port range are also feasible methods. In some cases, the SO_REUSEADDR option allows multiple programs to bind to the same port, although this is not a generally recommended practice. In general, reserving the port with sysctl is the easiest and most effective solution, and the other methods can also be used to ensure that ports do not conflict.

Use ip_local_reserved_ports to reserve ports

By adjusting sysctl parameters, port 12345 can be reserved as a port that the operating system cannot allocate automatically. This ensures that the client program is never given 12345 when its source port is allocated.

Steps

Check the current reserved port:

sysctl net.ipv4.ip_local_reserved_ports

Set the reserved port to 12345:

sudo sysctl -w net.ipv4.ip_local_reserved_ports=12345

If other ports are already reserved, add 12345 to the list so that all of them stay reserved. For example, if 1024 to 2000 is already reserved:

sudo sysctl -w net.ipv4.ip_local_reserved_ports="12345,1024-2000"

To make the change permanent, edit /etc/

echo "net.ipv4.ip_local_reserved_ports=12345" | sudo tee -a /etc/
sudo sysctl -p

Doing so ensures that the operating system does not automatically allocate port 12345 as the source port of a client.

Manually specify the client source port range

You can also set the source port range manually in the client program so that it avoids port 12345. This is done by calling bind() with a source port from the chosen range, but it requires modifying the client program's code.

For example, in C socket programming, the following code binds the client program to a specific range of ports:

struct sockaddr_in local_addr;
int port;
memset(&local_addr, 0, sizeof(local_addr));
local_addr.sin_family = AF_INET;
local_addr.sin_addr.s_addr = htonl(INADDR_ANY);
// Port 0 would let the kernel pick any ephemeral port, so instead try each
// port in a chosen range (12000-12999 is only an example) and skip 12345
for (port = 12000; port <= 12999; port++) {
    if (port == 12345)
        continue;
    local_addr.sin_port = htons(port);
    if (bind(client_sock, (struct sockaddr *)&local_addr, sizeof(local_addr)) == 0)
        break; // bound successfully
}

In this way, you can make sure that the client does not occupy a specific port.

Firewall (iptables/nftables) controls source port allocation

iptables or nftables can be used to restrict the use of certain ports so that client programs cannot use a specific port, for example 12345, as a source port.

Use iptables

# Block the client from using 12345 as the source port
iptables -A OUTPUT -p tcp --sport 12345 -j REJECT

Using nftables

# Block the client from using 12345 as the source port
nft add rule inet filter output tcp sport 12345 drop

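With these firewall rules, packets that the client sends from source port 12345 are rejected or dropped. Note that the rules act on packets, not on port allocation: the kernel can still hand out 12345, and the same match also catches replies sent by a server listening on 12345.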

Program level inspection

You can also have the server program check in advance, when it starts, whether port 12345 is already occupied. If a client has accidentally occupied the port, the server can try an alternate port or wait and rebind.

# -a also lists established connections, so a client using 12345 as its source port shows up
netstat -tuan | grep :12345

Or catch the bind() error in the code and handle it accordingly.
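Handling the bind() error in the server, as an added example that is not part of the original article: the function names, the alternate port 12346 and the retry settings are assumptions chosen for illustration.

```c
#include <errno.h>
#include <netinet/in.h>
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>
#include <unistd.h>

/* Bind sock to 0.0.0.0:port. Returns 0, or -1 with errno set. */
static int try_bind(int sock, int port)
{
    struct sockaddr_in a;
    memset(&a, 0, sizeof(a));
    a.sin_family = AF_INET;
    a.sin_addr.s_addr = htonl(INADDR_ANY);
    a.sin_port = htons((unsigned short)port);
    return bind(sock, (struct sockaddr *)&a, sizeof(a));
}

/* Listen on `primary`; on EADDRINUSE wait `wait_s` seconds and retry up to
 * `retries` times, then use `alternate`. Returns the socket (port in *bound) or -1. */
int listen_with_fallback(int primary, int alternate, int retries, int wait_s, int *bound)
{
    struct sockaddr_in a;
    socklen_t len = sizeof(a);
    int sock = socket(AF_INET, SOCK_STREAM, 0);
    if (sock < 0) return -1;
    int rc = try_bind(sock, primary);
    for (int i = 0; rc < 0 && errno == EADDRINUSE && i < retries; i++) {
        sleep((unsigned)wait_s);              /* the client may release the port */
        rc = try_bind(sock, primary);
    }
    if (rc < 0 && errno == EADDRINUSE) rc = try_bind(sock, alternate);
    if (rc < 0 || listen(sock, 16) < 0 ||
        getsockname(sock, (struct sockaddr *)&a, &len) < 0) {
        close(sock);
        return -1;
    }
    *bound = ntohs(a.sin_port);
    return sock;
}

int main(void)
{
    int port;   /* 12346 is a hypothetical alternate port, not from the article */
    int fd = listen_with_fallback(12345, 12346, 3, 1, &port);
    if (fd < 0) { perror("listen_with_fallback"); return 1; }
    printf("listening on port %d%s\n", port, port == 12345 ? "" : " (fallback)");
    return close(fd);
}
```

A server that falls back should log the port it actually bound, since clients configured for 12345 will not find it on the alternate.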

Adjust the port range

If you want to further limit the range of source ports that the system allocates automatically, you can adjust ip_local_port_range to specify a port range, making sure that the range does not include 12345.

# View the currently automatically allocated port range
sysctl net.ipv4.ip_local_port_range

# Set a new port range to ensure that 12345 is not included
sudo sysctl -w net.ipv4.ip_local_port_range="1025 12344"
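The two settings work together: a port can be handed out automatically only if it lies inside ip_local_port_range and is not listed in ip_local_reserved_ports. The following C check is an added example, not code from the original article; the function names are hypothetical, and it reads both values from /proc/sys.

```c
#include <stdio.h>
#include <string.h>

/* Return 1 if `port` is in a reserved-ports list written in the sysctl
 * format used above, e.g. "12345,1024-2000"; otherwise return 0. */
int port_is_reserved(const char *list, int port)
{
    char buf[1024];
    snprintf(buf, sizeof(buf), "%s", list);          /* strtok modifies its input */
    for (char *tok = strtok(buf, ", \t\n"); tok; tok = strtok(NULL, ", \t\n")) {
        int lo, hi;
        int n = sscanf(tok, "%d-%d", &lo, &hi);
        if (n == 1) hi = lo;                         /* single port, not a range */
        if (n >= 1 && port >= lo && port <= hi) return 1;
    }
    return 0;
}

/* Return 1 if the kernel may pick `port` as an automatic source port:
 * it must be inside ip_local_port_range and not reserved. */
int port_is_auto_assignable(int lo, int hi, const char *reserved, int port)
{
    return port >= lo && port <= hi && !port_is_reserved(reserved, port);
}

/* Read the first line of a /proc/sys file; returns 0 on success. */
static int read_line(const char *path, char *buf, int len)
{
    FILE *f = fopen(path, "r");
    if (!f) return -1;
    if (!fgets(buf, len, f)) buf[0] = '\0';          /* empty list */
    fclose(f);
    return 0;
}

int main(void)
{
    char range[64], reserved[1024];
    int lo, hi, port = 12345;                        /* the article's server port */
    if (read_line("/proc/sys/net/ipv4/ip_local_port_range", range, sizeof(range)) ||
        read_line("/proc/sys/net/ipv4/ip_local_reserved_ports", reserved, sizeof(reserved)) ||
        sscanf(range, "%d %d", &lo, &hi) != 2) {
        fprintf(stderr, "cannot read the port sysctls\n");
        return 2;
    }
    int risky = port_is_auto_assignable(lo, hi, reserved, port);
    printf("port %d %s be auto-assigned to a client\n", port, risky ? "CAN" : "cannot");
    return risky;
}
```

On a system that still uses the common default range of 32768 to 60999, the check reports that 12345 cannot be auto-assigned even with an empty reserved list; the reservation matters once the range has been widened to include the server port.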

Using SO_REUSEADDR

In some cases, if the client's use of the port should not prevent the server program from starting, the server can set the SO_REUSEADDR option to allow multiple programs to bind to the same port, especially if the client only uses the port briefly. Note that this is not a generally recommended method, but it can be used in certain situations.

int opt = 1;
setsockopt(server_sock, SOL_SOCKET, SO_REUSEADDR, &opt, sizeof(opt));

Summary

To ensure that the client does not use port 12345, reserving the port with sysctl should be the first choice: it is the easiest and most effective solution. If more fine-grained control is required, you can also ensure that the ports do not conflict by modifying client code, using firewall rules, or adjusting port ranges.
