port-range-listen — the ability of proxies to listen on a port range and the related aspects


The Kernun firewall proxies are able to listen on a contiguous set of ports, i.e., on a port range.


Proxies can be configured to listen on a port range in their listen-on(5) section, in both transparent and non-transparent item, by specifying the optional element ports. Both TCP and UDP based proxies may be configured to listen on a port range.

Proxies listening on a port range can be identified in a running system using sockstat(1) as they show the port range instead of a single port number:

kernun   sip-proxy  97949 9  tcp4   vr0>>:5060-5062       *:*
kernun   sip-proxy  97949 10 udp4   vr0>>:5060-5062       *:*


The port range may not intersect the port ranges defined by sysctl net.inet.ip.portrange

  • lowfirstlowlast

  • firstlast

  • hifirsthilast

See Also

Kernun: listen-on(5), transparency(7)

FreeBSD: sockstat(1), sysctl(8)


This man page is a part of Kernun Firewall.
Copyright © 2000–2023 Trusted Network Solutions, a. s.
All rights reserved.