Hi, On Thu, Apr 14, 2016 at 5:55 PM, Indranil Das Gupta <[email protected]> wrote: > Now 210 tcp/udp is earmarked for z3950. > > Question: with a package based install is there any possible downside > (especially security wise) to run on port 210? Anything that I should > particularly look out for?
Since by default, only root can bind to ports less than 1024, the stock koha-start-zebra won't let you do it, as it changes user to the Koha instance user before starting zebrasrv. However, there are several ways around this: - use iptables to forward port 210 to zebrasrv - run metaproxy or yazproxy to listen on port 210 and pass queries on to zebrasrv; if you expect that the Z39.50 target will be heavily used, this approach can also save system resources, as metaproxy can cache query results. - use capabilities and grant zebrasrv an exception so that it can bind on a privileged port - just use a non-privileged port; I don't know of any Z39.50 clients that don't let the user specify a non-default port. Regards, Galen -- Galen Charlton Infrastructure and Added Services Manager Equinox Software, Inc. / Open Your Library email: [email protected] direct: +1 770-709-5581 cell: +1 404-984-4366 skype: gmcharlt web: http://www.esilibrary.com/ Supporting Koha and Evergreen: http://koha-community.org & http://evergreen-ils.org _______________________________________________ Koha mailing list http://koha-community.org [email protected] https://lists.katipo.co.nz/mailman/listinfo/koha
