Closed milosmalik closed 2 years ago
Describe the bug Users of udica may be confused by the fact that allowing port 21 also means that ports 989 and 990 are allowed too, because from SELinux policy point of view they are labeled the same way: ftp_port_t.
To Reproduce Steps to reproduce the behavior:
Expected behavior Documentation should contain a note about this behavior.
Additional context Ephemeral ports (32768-61000) are allowed too unless the content of /proc/sys/net/ipv4/ip_local_port_range is changed.
Describe the bug Users of udica may be confused by the fact that allowing port 21 also means that ports 989 and 990 are allowed too, because from SELinux policy point of view they are labeled the same way: ftp_port_t.
To Reproduce Steps to reproduce the behavior:
Expected behavior Documentation should contain a note about this behavior.
Additional context Ephemeral ports (32768-61000) are allowed too unless the content of /proc/sys/net/ipv4/ip_local_port_range is changed.