4 sysctl security.mac.portacl >/dev/null 2>&1
7 echo "not ok 1 # MAC_PORTACL is unavailable."
19 [ "${proto}" = "udp" ] && udpflag="-u"
24 ( echo -n | su -m ${name} -c "nc ${udpflag} -o -l 127.0.0.1 $port" 2>&1 ) &
33 echo | nc ${udpflag} -o 127.0.0.1 $port >/dev/null 2>&1
37 "nc: Permission denied"*|"nc: Operation not permitted"*)
50 expect_without_rule=${1}
57 sysctl security.mac.portacl.rules= >/dev/null
58 out=`check_bind ${idtype} ${name} ${proto} ${port}`
59 if [ "${out}" = "${expect_without_rule}" ]; then
61 elif [ "${out}" = "ok" -o "${out}" = "fl" ]; then
62 echo "not ok ${ntest}"
64 echo "not ok ${ntest} # ${out}"
68 if [ "${idtype}" = "uid" ]; then
70 elif [ "${idtype}" = "gid" ]; then
75 sysctl security.mac.portacl.rules=${idtype}:${idstr}:${proto}:${port} >/dev/null
76 out=`check_bind ${idtype} ${name} ${proto} ${port}`
77 if [ "${out}" = "${expect_with_rule}" ]; then
79 elif [ "${out}" = "ok" -o "${out}" = "fl" ]; then
80 echo "not ok ${ntest}"
82 echo "not ok ${ntest} # ${out}"
86 sysctl security.mac.portacl.rules= >/dev/null
89 reserved_high=`sysctl -n net.inet.ip.portrange.reservedhigh`
90 suser_exempt=`sysctl -n security.mac.portacl.suser_exempt`
91 port_high=`sysctl -n security.mac.portacl.port_high`
94 sysctl -n net.inet.ip.portrange.reservedhigh=${reserved_high} >/dev/null
95 sysctl -n security.mac.portacl.suser_exempt=${suser_exempt} >/dev/null
96 sysctl -n security.mac.portacl.port_high=${port_high} >/dev/null