d/freebsd-dev
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
215bab7924
freebsd-dev/sys/netinet6
History
Shivank Garg 215bab7924 mac_ipacl: new MAC policy module to limit jail/vnet IP configuration 
The mac_ipacl policy module enables fine-grained control over IP address
configuration within VNET jails from the base system.
It allows the root user to define rules governing IP addresses for
jails and their interfaces using the sysctl interface.

Requested by:	multiple
Sponsored by:	Google, Inc. (GSoC 2019)
MFC after:	2 months
Reviewed by:	bz, dch (both earlier versions)
Differential Revision: https://reviews.freebsd.org/D20967
2023-07-26 00:07:57 +00:00
..
dest6.c
frag6.c netinet6: make IPv6 fragment TTL per-VNET configurable. 2023-06-01 12:04:49 +00:00
icmp6.c netinet: Disallow unspecified addresses in ICMP-embedded packets 2023-03-13 10:45:56 -04:00
icmp6.h
in6_cksum.c netinet6: Implement in6_cksum_partial() using m_apply() 2023-06-23 09:55:43 -04:00
in6_fib_algo.c spdx: The BSD-2-Clause-FreeBSD identifier is obsolete, drop -FreeBSD 2023-05-12 10:44:03 -06:00
in6_fib.c IfAPI: Explicitly include <net/if_private.h> in netstack 2023-01-31 15:02:16 -05:00
in6_fib.h Add modular fib lookup framework. 2020-12-25 11:33:17 +00:00
in6_gif.c IfAPI: Explicitly include <net/if_private.h> in netstack 2023-01-31 15:02:16 -05:00
in6_ifattach.c IfAPI: Explicitly include <net/if_private.h> in netstack 2023-01-31 15:02:16 -05:00
in6_ifattach.h
in6_jail.c jail: convert several functions from int to bool 2023-03-14 21:05:33 -06:00
in6_mcast.c IfAPI: Explicitly include <net/if_private.h> in netstack 2023-01-31 15:02:16 -05:00
in6_pcb.c inpcb: Restore missing validation of local addresses for jailed sockets 2023-05-30 15:15:48 -04:00
in6_pcb.h inpcb: Avoid inp_cred dereferences in SMR-protected lookup 2023-04-20 12:13:06 -04:00
in6_proto.c ipv6: disable RFC 4620 nodeinfo by default 2023-04-26 13:47:59 -04:00
in6_rmx.c IfAPI: Explicitly include <net/if_private.h> in netstack 2023-01-31 15:02:16 -05:00
in6_rss.c Revert "wpa: Import wpa_supplicant/hostapd commit 14ab4a816" 2021-12-02 14:45:04 -08:00
in6_rss.h
in6_src.c IfAPI: Explicitly include <net/if_private.h> in netstack 2023-01-31 15:02:16 -05:00
in6_var.h netinet[6]: make in[6]_control use ucred instead of td. 2023-07-01 06:52:24 +00:00
in6.c mac_ipacl: new MAC policy module to limit jail/vnet IP configuration 2023-07-26 00:07:57 +00:00
in6.h netinet6: Implement in6_cksum_partial() using m_apply() 2023-06-23 09:55:43 -04:00
ip6_ecn.h
ip6_fastfwd.c IfAPI: Explicitly include <net/if_private.h> in netstack 2023-01-31 15:02:16 -05:00
ip6_forward.c routing: plug mbuf leak for the packets hitting IPv6 blackhole route 2023-05-17 09:06:04 +00:00
ip6_gre.c IfAPI: Explicitly include <net/if_private.h> in netstack 2023-01-31 15:02:16 -05:00
ip6_id.c
ip6_input.c netinet*: Fix redirects for connections from localhost 2023-05-31 11:11:05 +01:00
ip6_mroute.c net.inet6.ip6.log_interval: use ppsratecheck(9) internally 2023-03-13 16:47:06 +00:00
ip6_mroute.h
ip6_output.c ip output: ensure that mbufs are mapped if ipsec is enabled 2023-07-21 21:51:13 +03:00
ip6_var.h Fix MINIMAL build 2023-07-14 09:18:43 +02:00
ip6.h
ip_fw_nat64.h spdx: The BSD-2-Clause-FreeBSD identifier is obsolete, drop -FreeBSD 2023-05-12 10:44:03 -06:00
ip_fw_nptv6.h
mld6_var.h mld6: use callout(9) directly instead of pr_slowtimo, pr_fasttimo 2022-08-17 11:50:31 -07:00
mld6.c mld: always commit state changes on leaving 2023-07-24 16:47:34 +02:00
mld6.h
nd6_nbr.c carp: use nd6log() macro to log debug messages 2023-06-28 13:27:37 +03:00
nd6_rtr.c IfAPI: Explicitly include <net/if_private.h> in netstack 2023-01-31 15:02:16 -05:00
nd6.c IfAPI: Explicitly include <net/if_private.h> in netstack 2023-01-31 15:02:16 -05:00
nd6.h IfAPI: Explicitly include <net/if_private.h> in netstack 2023-01-31 15:02:16 -05:00
pim6_var.h
pim6.h
raw_ip6.c IfAPI: Explicitly include <net/if_private.h> in netstack 2023-01-31 15:02:16 -05:00
raw_ip6.h
route6.c
scope6_var.h
scope6.c IfAPI: Explicitly include <net/if_private.h> in netstack 2023-01-31 15:02:16 -05:00
sctp6_usrreq.c sctp: minor changes due to upstreaming of Glebs recent changes 2022-11-06 23:06:40 +01:00
sctp6_var.h sctp: minor changes due to upstreaming of Glebs recent changes 2022-11-06 23:06:40 +01:00
send.c spdx: The BSD-2-Clause-FreeBSD identifier is obsolete, drop -FreeBSD 2023-05-12 10:44:03 -06:00
send.h spdx: The BSD-2-Clause-FreeBSD identifier is obsolete, drop -FreeBSD 2023-05-12 10:44:03 -06:00
tcp6_var.h netinet*: de-void control input IP protocol methods 2022-10-03 20:53:04 -07:00
udp6_usrreq.c udp: Fix a memory leak in udp6_send() 2023-03-14 11:58:02 -04:00
udp6_var.h netinet*: de-void control input IP protocol methods 2022-10-03 20:53:04 -07:00