[
https://issues.apache.org/jira/browse/HDFS-6406?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13999051#comment-13999051
]
Andrew Wang commented on HDFS-6406:
-----------------------------------
Hey ATM, definitely a nice feature here. A few review comments:
- I believe privileged ports are [0-1023] inclusive, so 1024 actually isn't a
privileged port. Based on the comment in hdfs-default.xml, the correct value
would actually be 1023.
- There's some ambiguity about setting a value of 0 for this config parameter.
Zero isn't positive or negative and also isn't a valid port (and thus not a
valid config setting either), but we don't WARN or abort on this. It might make
sense to have 0 be the default special value rather than introducing the
special "-1", and then throwing some exception if a negative value is set.
- Because of the above two comments, I'd prefer a boolean rather than
specifying an int, which seems more error prone. AFAIK you can't configure the
privileged port range (which I think is kind of the point), so I don't see much
utility in being able to specify a range.
- This is a good opportunity to try out SLF4J if you're interested, since we
can skip the isDebugEnabled if wrappers
- Typo in test: "s/rung/run"
> Add capability for NFS gateway to reject connections from unprivileged ports
> ----------------------------------------------------------------------------
>
> Key: HDFS-6406
> URL: https://issues.apache.org/jira/browse/HDFS-6406
> Project: Hadoop HDFS
> Issue Type: Bug
> Components: nfs
> Affects Versions: 2.4.0
> Reporter: Aaron T. Myers
> Assignee: Aaron T. Myers
> Attachments: HDFS-6406.patch, HDFS-6406.patch
>
>
> Many NFS servers have the ability to only accept client connections
> originating from privileged ports. It would be nice if the HDFS NFS gateway
> had the same feature.
--
This message was sent by Atlassian JIRA
(v6.2#6252)
