d/freebsd-dev
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
4ee44ffcca
freebsd-dev/sbin/ipf/libipf
History
Cy Schubert c47db49ba4 ipfilter: Support only jails in VNET 
Jails without VNET have complete access to the ipfilter rules, NAT,
pools and logs. This is insecure. Only allow jails to manipulate
ipfilter rules, NAT tables and ippools if the jail has its own VNET.
Otherwise a jail can affect the global system.

This patch brings ipfilter in line with ipfw's support of VNET jails and
non-support of non-VNET jails.

MFC after:	1 week
2022-07-07 07:53:45 -07:00
..
addicmp.c
addipopt.c ipfilter userland: Style(9) requires a space after return 2022-01-03 19:37:25 -08:00
alist_free.c
alist_new.c ipfilter userland: Style(9) requires a space after return 2022-01-03 19:37:25 -08:00
allocmbt.c ipfilter userland: Style(9) requires a space after return 2022-01-03 19:37:25 -08:00
assigndefined.c
bcopywrap.c ipfilter userland: Style(9) requires a space after return 2022-01-03 19:37:25 -08:00
binprint.c
buildopts.c ipfilter userland: Style(9) requires a space after return 2022-01-03 19:37:25 -08:00
checkrev.c ipfilter userland: Style(9) requires a space after return 2022-01-03 19:37:25 -08:00
connecttcp.c ipfilter userland: Style(9) requires a space after return 2022-01-03 19:37:25 -08:00
count4bits.c ipfilter userland: Style(9) requires a space after return 2022-01-03 19:37:25 -08:00
count6bits.c ipfilter userland: Style(9) requires a space after return 2022-01-03 19:37:25 -08:00
debug.c
dupmbt.c ipfilter userland: Style(9) requires a space after return 2022-01-03 19:37:25 -08:00
facpri.c ipfilter userland: Style(9) requires a space after return 2022-01-03 19:37:25 -08:00
facpri.h
familyname.c ipfilter userland: Style(9) requires a space after return 2022-01-03 19:37:25 -08:00
fill6bits.c
findword.c ipfilter userland: Style(9) requires a space after return 2022-01-03 19:37:25 -08:00
flags.c
freembt.c
ftov.c ipfilter userland: Style(9) requires a space after return 2022-01-03 19:37:25 -08:00
gethost.c ipfilter userland: Style(9) requires a space after return 2022-01-03 19:37:25 -08:00
geticmptype.c ipfilter userland: Style(9) requires a space after return 2022-01-03 19:37:25 -08:00
getifname.c ipfilter userland: Style(9) requires a space after return 2022-01-03 19:37:25 -08:00
getnattype.c ipfilter userland: Style(9) requires a space after return 2022-01-03 19:37:25 -08:00
getport.c ipfilter userland: Style(9) requires a space after return 2022-01-03 19:37:25 -08:00
getportproto.c ipfilter userland: Style(9) requires a space after return 2022-01-03 19:37:25 -08:00
getproto.c ipfilter userland: Style(9) requires a space after return 2022-01-03 19:37:25 -08:00
getsumd.c ipfilter userland: Style(9) requires a space after return 2022-01-03 19:37:25 -08:00
hostname.c ipfilter userland: Style(9) requires a space after return 2022-01-03 19:37:25 -08:00
icmpcode.c
icmptypename.c ipfilter userland: Style(9) requires a space after return 2022-01-03 19:37:25 -08:00
icmptypes.c
inet_addr.c ipfilter userland: Style(9) requires a space after return 2022-01-03 19:37:25 -08:00
initparse.c
interror.c ipfilter: Support only jails in VNET 2022-07-07 07:53:45 -07:00
ionames.c
ipf_dotuning.c ipfilter userland: Remove trailing whitespace 2022-01-03 18:06:44 -08:00
ipf_perror.c ipfilter userland: Style(9) requires a space after return 2022-01-03 19:37:25 -08:00
ipft_hx.c ipfilter userland: Style(9) requires a space after return 2022-01-03 19:37:25 -08:00
ipft_pc.c ipfilter userland: Style(9) requires a space after return 2022-01-03 19:37:25 -08:00
ipft_tx.c ipfilter userland: Style(9) requires a space after return 2022-01-03 19:37:25 -08:00
ipoptsec.c ipfilter userland: Style(9) requires a space after return 2022-01-03 19:37:25 -08:00
kmem.c ipfilter userland: Style(9) requires a space after return 2022-01-03 19:37:25 -08:00
kmem.h
kmemcpywrap.c ipfilter userland: Style(9) requires a space after return 2022-01-03 19:37:25 -08:00
kvatoname.c ipfilter userland: Style(9) requires a space after return 2022-01-03 19:37:25 -08:00
load_dstlist.c ipfilter userland: Style(9) requires a space after return 2022-01-03 19:37:25 -08:00
load_dstlistnode.c ipfilter userland: Style(9) requires a space after return 2022-01-03 19:37:25 -08:00
load_file.c ipfilter userland: Style(9) requires a space after return 2022-01-03 19:37:25 -08:00
load_hash.c ipfilter userland: Style(9) requires a space after return 2022-01-03 19:37:25 -08:00
load_hashnode.c ipfilter userland: Style(9) requires a space after return 2022-01-03 19:37:25 -08:00
load_http.c ipfilter userland: Style(9) requires a space after return 2022-01-03 19:37:25 -08:00
load_pool.c ipfilter userland: Style(9) requires a space after return 2022-01-03 19:37:25 -08:00
load_poolnode.c ipfilter userland: Style(9) requires a space after return 2022-01-03 19:37:25 -08:00
load_url.c ipfilter userland: Style(9) requires a space after return 2022-01-03 19:37:25 -08:00
Makefile
Makefile.depend
mb_hexdump.c
msgdsize.c ipfilter userland: Style(9) requires a space after return 2022-01-03 19:37:25 -08:00
mutex_emul.c
nametokva.c ipfilter userland: Style(9) requires a space after return 2022-01-03 19:37:25 -08:00
nat_setgroupmap.c
ntomask.c ipfilter userland: Style(9) requires a space after return 2022-01-03 19:37:25 -08:00
optname.c ipfilter userland: Style(9) requires a space after return 2022-01-03 19:37:25 -08:00
optprint.c
optprintv6.c
optvalue.c ipfilter userland: Style(9) requires a space after return 2022-01-03 19:37:25 -08:00
parsefields.c ipfilter userland: Style(9) requires a space after return 2022-01-03 19:37:25 -08:00
parseipfexpr.c ipfilter userland: Style(9) requires a space after return 2022-01-03 19:37:25 -08:00
parsewhoisline.c ipfilter userland: Style(9) requires a space after return 2022-01-03 19:37:25 -08:00
poolio.c ipfilter userland: Style(9) requires a space after return 2022-01-03 19:37:25 -08:00
portname.c ipfilter userland: Style(9) requires a space after return 2022-01-03 19:37:25 -08:00
prependmbt.c ipfilter userland: Style(9) requires a space after return 2022-01-03 19:37:25 -08:00
print_toif.c
printactiveaddr.c
printactivenat.c ipfilter: Obtain the interface name more efficiently 2022-03-03 06:43:11 -08:00
printaddr.c
printaps.c
printbuf.c
printdstl_live.c ipfilter userland: Style(9) requires a space after return 2022-01-03 19:37:25 -08:00
printdstlist.c ipfilter userland: Style(9) requires a space after return 2022-01-03 19:37:25 -08:00
printdstlistdata.c
printdstlistnode.c ipfilter userland: Style(9) requires a space after return 2022-01-03 19:37:25 -08:00
printdstlistpolicy.c
printfieldhdr.c
printfr.c
printfraginfo.c
printhash_live.c ipfilter userland: Style(9) requires a space after return 2022-01-03 19:37:25 -08:00
printhash.c ipfilter userland: Style(9) requires a space after return 2022-01-03 19:37:25 -08:00
printhashdata.c
printhashnode.c ipfilter userland: Style(9) requires a space after return 2022-01-03 19:37:25 -08:00
printhost.c
printhostmap.c
printhostmask.c
printifname.c
printip.c
printipfexpr.c
printiphdr.c
printlog.c
printlookup.c
printmask.c
printnat.c
printnataddr.c
printnatfield.c
printnatside.c
printpacket6.c
printpacket.c
printpool_live.c ipfilter userland: Style(9) requires a space after return 2022-01-03 19:37:25 -08:00
printpool.c ipfilter userland: Style(9) requires a space after return 2022-01-03 19:37:25 -08:00
printpooldata.c
printpoolfield.c
printpoolnode.c ipfilter userland: Style(9) requires a space after return 2022-01-03 19:37:25 -08:00
printportcmp.c
printproto.c
printsbuf.c
printstate.c ipfilter: Reliably print the interface name 2022-03-03 06:43:12 -08:00
printstatefields.c
printtcpflags.c
printtqtable.c
printtunable.c
printunit.c
remove_hash.c ipfilter userland: Style(9) requires a space after return 2022-01-03 19:37:25 -08:00
remove_hashnode.c ipfilter userland: Style(9) requires a space after return 2022-01-03 19:37:25 -08:00
remove_pool.c ipfilter userland: Style(9) requires a space after return 2022-01-03 19:37:25 -08:00
remove_poolnode.c ipfilter userland: Style(9) requires a space after return 2022-01-03 19:37:25 -08:00
resetlexer.c
rwlock_emul.c
save_execute.c ipfilter userland: Style(9) requires a space after return 2022-01-03 19:37:25 -08:00
save_file.c ipfilter userland: Style(9) requires a space after return 2022-01-03 19:37:25 -08:00
save_nothing.c ipfilter userland: Style(9) requires a space after return 2022-01-03 19:37:25 -08:00
save_syslog.c ipfilter userland: Style(9) requires a space after return 2022-01-03 19:37:25 -08:00
save_v1trap.c ipfilter userland: Style(9) requires a space after return 2022-01-03 19:37:25 -08:00
save_v2trap.c ipfilter userland: Style(9) requires a space after return 2022-01-03 19:37:25 -08:00
tcp_flags.c ipfilter userland: Style(9) requires a space after return 2022-01-03 19:37:25 -08:00
tcpflags.c ipfilter userland: Style(9) requires a space after return 2022-01-03 19:37:25 -08:00
tcpoptnames.c
v6ionames.c
v6optvalue.c ipfilter userland: Style(9) requires a space after return 2022-01-03 19:37:25 -08:00
var.c ipfilter userland: Style(9) requires a space after return 2022-01-03 19:37:25 -08:00
verbose.c
vtof.c ipfilter userland: Style(9) requires a space after return 2022-01-03 19:37:25 -08:00