In experimenting with FreeNAS jails I wanted to allow a web service to use port 80. Normally 80 is a high order port reserved for root-level processes for security reasons. Since this is a FreeBSD jail and not a full on system I’m not worried about this.
The command to do so is fairly simple (thanks to this page for information)
sysctl net.inet.ip.portrange.reservedhigh=0
The above command is not permanent; to make it so add it to /etc/sysctl.conf:
echo "net.inet.ip.portrange.reservedhigh=0" >> /etc/sysctl.conf
This worked! Thank you very much for the simple solution.
I found out IPFW couldn’t redirect traffic to another port unless the kernel had some option compiled in… and of course mine didn’t. So I was in the process of switching over to PF…
This was so much easier! Cheers!
Is it possible to grant a specific process or user this privilege instead of just disabling the entire security layer?