Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
setcap 'cap_net_bind_service=+ep' for FreeBSD
# ref.
# https://www.freebsd.org/cgi/man.cgi?query=mac_portacl&sektion=4
# https://www.freebsd.org/doc/handbook/mac-policies.html
# load the kernel module
kldload mac_portacl
# set the new security rules
sysctl security.mac.portacl.rules=uid:80:tcp:80,uid:80:tcp:443
# disable default port protection
sysctl net.inet.ip.portrange.reservedhigh=0
# ->
# /boot/loader.conf
# /etc/sysctl.conf
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment