postel@VENERA.ISI.EDU (08/03/90)
Hi.

Barns and Provan are correct.

--jon.

Bill Barns says:

I'm concerned that the replies I've seen posted didn't talk about the difference between local ports and remote ports. Any system can have whatever notion of reserved local ports that it cares to adopt. It should not be necessary, and in my opinion it is wrong, for one system (call it A) to know or care about the reserved ports, if any, of some other system (call it B). It isn't very convenient for me to test it, but I think that a vanilla BSD UNIX behaves as I describe, i.e., will let any of its users connect to port 1000 of a remote host, but won't let a user use local port 1000 without having the requisite privilege.

When system A sends an FTP PORT command to the server on system B, the port number mentioned is a port number on system A. System B ought to believe whatever system A asserts about port numbers on system A, even if that port number is used differently on system B or elsewhere. It's the responsibility of system A to pick a reasonable port number (for example, system A shouldn't choose the port number used by a server that system A supports). But if system A thinks that 1000 is a reasonable port number, system B should be willing to talk to system A's port 1000.

Note that FTP PASV also handles the ports this way. When system A sends a PASV command to system B, system B responds with a port number on system B, chosen by system B according to whatever local rules apply there. System A doesn't need to know why system B made whatever choice it made. System A should just connect to the port on system B that system B chose.

Don Provan says:

I applaud the IBM developers for making this simple change to accommodate the HP implementation, but I want everyone to understand that the HP implementation is, in fact, broken.
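
Added example (not part of the original messages): a Python decoder for the six-field address carried by an FTP PORT command and by a 227 reply to PASV, recording which system the port number belongs to and which system connects to it, as Barns describes. The addresses are constructed sample values and the function and type names are this example's own.

```python
import re
from typing import NamedTuple, Tuple

class DataEndpoint(NamedTuple):
    owner: str      # system whose port number this is (chosen by its own rules)
    connector: str  # system that opens the data connection to that port
    host: str
    port: int

# h1,h2,h3,h4,p1,p2 as used by PORT and by the 227 reply; the lookarounds
# stop the pattern from matching inside a longer run of digits or commas.
_SIX = re.compile(r"(?<![\d,])(\d{1,3}(?:,\d{1,3}){5})(?![\d,])")

def _decode(text: str) -> Tuple[str, int]:
    m = _SIX.search(text)
    if m is None:
        raise ValueError(f"no h1,h2,h3,h4,p1,p2 field in {text!r}")
    nums = [int(n) for n in m.group(1).split(",")]
    if any(n > 255 for n in nums):
        raise ValueError(f"field out of range 0-255 in {text!r}")
    # The port is sent as two bytes, high byte first.
    return ".".join(str(n) for n in nums[:4]), nums[4] * 256 + nums[5]

def parse_port_command(line: str) -> DataEndpoint:
    """Client -> server: the port named is on the client (system A)."""
    verb, _, arg = line.strip().partition(" ")
    if verb.upper() != "PORT":
        raise ValueError(f"not a PORT command: {line!r}")
    host, port = _decode(arg)
    return DataEndpoint("client", "server", host, port)

def parse_pasv_reply(line: str) -> DataEndpoint:
    """Server -> client: the port named is on the server (system B)."""
    code, _, text = line.strip().partition(" ")
    if code != "227":
        raise ValueError(f"not a 227 reply: {line!r}")
    host, port = _decode(text)
    return DataEndpoint("server", "client", host, port)

if __name__ == "__main__":
    # Constructed sample lines; 3*256 + 232 = 1000, the port used in the post.
    print(parse_port_command("PORT 10,0,0,1,3,232"))
    print(parse_pasv_reply("227 Entering Passive Mode (10,0,0,2,19,137)"))
```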