> My question now is what is the logic behind requiring a user to be in > TCPIP¹s Obey list to allow it to use certain TCP/IP ports and protocols. It > isn¹t everything, because things like FTP work, and I think you can play > fairly fast and loose with higher numbered ports.
Port number < 1024 are considered "privileged" on Unix TCP/IP stacks, and imply that the process operating on them is somehow authorized. The virtual machine manipulating a low port has to be either in the OBEY list OR listed on the PORT statement in the TCPIP profile. > Also: If I violate this using Pipe and the UDP stage, why don¹t I get a > non-zero return code? Because there are no guarantees in the IP protocol specifications that UDP packets are ever delivered. UDP was designed to have those semantics, and thus if you use UDP, you're expected to handle missing packets yourself. If you want guaranteed delivery, you're expected to use TCP. > Shouldn¹t there be an indication somewhere that the data wasn¹t > sent? Nope. That's the risk one takes with UDP. This is why syslog-NG uses TCP.
