Make quasselcore listen on port 443

I use IRC in my day to day job. I am a professional open source developer, so what else would I use.

For the last few years I have been using quassel, the core component sitting on a cloudserver, which allows me to have clients running on my phone, laptop, desktop… really where ever. However sometimes you find yourself at a place that has a firewall that port filters. If your lucky you might be able to ssh, and thereby get away with using an ssh tunnel. But I found it much easier to just get the quasselcore to listen on port 443 rather then the default 4242.

Changing the port it listens on is easy. If your using debian (or ubuntu) you just need to change/add /etc/default/quasselcore to have:

PORT="443"

But that is only half the battle. 443 is a privileged port, so the default user quasselcore doesn’t have the rights to bind to that port. So we have 2 options.

  1. run the daemon as root
  2. Use setcap to allow the daemon to bind to privileged ports.

The first is easy, but a little dirty. Simply change the user in either the default file or update the init script. But option 2 is much cleaner, and actually not that hard.

First you need to make sure you have setcap installed:

sudo apt-get install libcap2-bin

Now we simply need to bless the quasselcore binary with the required capability:

sudo setcap 'cap_net_bind_service=+ep' /usr/bin/quasselcore

Now when you start quasselcore you’ll see it listening on port 443:

sudo netstat -ntlp |grep quassel

Leave a Reply