d/freebsd-dev
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
4ee44ffcca
freebsd-dev/sbin/ipf
History
Cy Schubert c47db49ba4 ipfilter: Support only jails in VNET 
Jails without VNET have complete access to the ipfilter rules, NAT,
pools and logs. This is insecure. Only allow jails to manipulate
ipfilter rules, NAT tables and ippools if the jail has its own VNET.
Otherwise a jail can affect the global system.

This patch brings ipfilter in line with ipfw's support of VNET jails and
non-support of non-VNET jails.

MFC after:	1 week
2022-07-07 07:53:45 -07:00
..
common ipfilter: Introduce the new FORMAT_IF macro 2022-03-03 06:43:11 -08:00
ipf ipf(5): Fix a typo in the manual page 2022-04-02 14:50:45 +02:00
ipfs ipfilter userland: Style(9) requires a space after return 2022-01-03 19:37:25 -08:00
ipfstat ipfilter userland: Style(9) requires a space after return 2022-01-03 19:37:25 -08:00
ipfsync ipfilter: Restore ipfsync 2022-01-07 21:46:53 -08:00
ipftest ipfilter: Fix manpage typos 2022-01-04 07:11:00 -08:00
iplang ipfilter: Adjust userland returns to conform to style(9) 2022-01-03 18:06:43 -08:00
ipmon ipfilter userland: Style(9) requires a space after return 2022-01-03 19:37:25 -08:00
ipnat ipnat(5): Fix a double word in the manual page 2022-04-09 09:28:43 +02:00
ippool ipfilter userland: Style(9) requires a space after return 2022-01-03 19:37:25 -08:00
ipresend ipfilter: Move userland bits to sbin 2021-12-20 06:16:33 -08:00
ipscan ipfilter: Adjust userland returns to conform to style(9) 2022-01-03 18:06:43 -08:00
ipsend ipfilter: Fix manpage typos 2022-01-04 07:11:00 -08:00
libipf ipfilter: Support only jails in VNET 2022-07-07 07:53:45 -07:00
Makefile ipfilter: Move userland bits to sbin 2021-12-20 06:16:33 -08:00
Makefile.inc ipfilter: Move userland bits to sbin 2021-12-20 06:16:33 -08:00