The portreserve program aims to help services with well-known ports that lie in the portmap range. It prevents portmap from a real service’s port by occupying it itself, until the real service tells it to release the port (generally in the init script).
For example the cups package provides /etc/portreserve/cups.
# cat /etc/portreserve/cups ipp
In /etc/services, it is defined “service-name ipp” is equal to 631 ports. When portreserve service starts, portreserve reserves 631 ports.
# cat /etc/services | grep -w ipp ipp 631/tcp # Internet Printing Protocol ipp 631/udp # Internet Printing Protocol
# netstat -lanp | grep 631 udp 0 0 0.0.0.0:631 0.0.0.0:* 1628/portreserve
Configuration Files
– /etc/portreserve/* – Service configuration files
– /var/run/portreserve/socket – communication socket for portrelease
What happens when portrelease daemon starts
When the portreserve daemon is started, it examines the /etc/portreserve/ directory. Each file not containing “.” or “~” in its name is considered to be a service configuration file, and must contain a service name (as listed in /etc/services) or a port number. UDP services may be specified by appending “/udp” to the service name, and TCP services by “/tcp“. Several services may be specified, one per line.
For example, /etc/portreserve/cups might contain the string “ipp” or, equivalently, “ipp/tcp” and “ipp/udp” on separate lines.
For each service configuration file, a socket is created and bound to the appropriate port. A service wishing to bind to its port must first run portrelease, which instructs portreserve to release the port associated with the service.
Once all the reserved ports have been released, the daemon exits.