d/freebsd-dev
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
d7837b06fe
freebsd-dev/sys/net
History
Bosko Milekic 5a59cefcd1 Give jail(8) the feature to allow raw sockets from within a 
jail, which is less restrictive but allows for more flexible
jail usage (for those who are willing to make the sacrifice).
The default is off, but allowing raw sockets within jails can
now be accomplished by tuning security.jail.allow_raw_sockets
to 1.

Turning this on will allow you to use things like ping(8)
or traceroute(8) from within a jail.

The patch being committed is not identical to the patch
in the PR.  The committed version is more friendly to
APIs which pjd is working on, so it should integrate
into his work quite nicely.  This change has also been
presented and addressed on the freebsd-hackers mailing
list.

Submitted by: Christian S.J. Peron <maneo@bsdpro.com>
PR: kern/65800
2004-04-26 19:46:52 +00:00
..
bpf_compat.h Remove advertising clause from University of California Regent's 2004-04-07 20:46:16 +00:00
bpf_filter.c Remove advertising clause from University of California Regent's 2004-04-07 20:46:16 +00:00
bpf.c Remove advertising clause from University of California Regent's 2004-04-07 20:46:16 +00:00
bpf.h Remove advertising clause from University of California Regent's 2004-04-07 20:46:16 +00:00
bpfdesc.h Remove advertising clause from University of California Regent's 2004-04-07 20:46:16 +00:00
bridge.c arpcom untangling: 2004-04-24 22:11:13 +00:00
bridge.h network interface and link layer changes: 2002-11-15 00:00:15 +00:00
bsd_comp.c Remove advertising clause from University of California Regent's 2004-04-07 20:46:16 +00:00
ethernet.h general cleanups mostly aimed at improving portability of drivers 2002-11-14 23:28:47 +00:00
fddi.h network interface and link layer changes: 2002-11-15 00:00:15 +00:00
if_arc.h Remove advertising clause from University of California Regent's 2004-04-07 20:46:16 +00:00
if_arcsubr.c This commit does two things: 2004-04-25 09:24:52 +00:00
if_arp.h + rename and document an unused field in struct arpcom (field is still 2004-04-18 01:15:32 +00:00
if_atm.h Add a device type for virtual interfaces. 2004-01-26 12:13:11 +00:00
if_atmsubr.c This commit does two things: 2004-04-25 09:24:52 +00:00
if_disc.c Remove advertising clause from University of California Regent's 2004-04-07 20:46:16 +00:00
if_dl.h Remove advertising clause from University of California Regent's 2004-04-07 20:46:16 +00:00
if_ef.c o eliminate widespread on-stack mbuf use for bpf by introducing 2003-12-28 03:56:00 +00:00
if_ethersubr.c This commit does two things: 2004-04-25 09:24:52 +00:00
if_faith.c Staticize <if>_clone_{create,destroy} functions. 2004-04-14 00:57:49 +00:00
if_fddisubr.c This commit does two things: 2004-04-25 09:24:52 +00:00
if_gif.c Staticize <if>_clone_{create,destroy} functions. 2004-04-14 00:57:49 +00:00
if_gif.h Properly detect loops by recording the interface pointer in an mtag. 2004-04-05 16:55:15 +00:00
if_gre.c Add the comment of the previous commit to the source file directly. 2004-04-23 16:57:43 +00:00
if_gre.h Lock down global variables in if_gre: 2004-03-22 16:04:43 +00:00
if_iso88025subr.c This commit does two things: 2004-04-25 09:24:52 +00:00
if_llc.h Remove advertising clause from University of California Regent's 2004-04-07 20:46:16 +00:00
if_loop.c Staticize <if>_clone_{create,destroy} functions. 2004-04-14 00:57:49 +00:00
if_media.c Replace the if_name and if_unit members of struct ifnet with new members 2003-10-31 18:32:15 +00:00
if_media.h Add Direct Sequence 354K and 512K (needed for arl(4)). 2004-04-13 19:23:46 +00:00
if_mib.c Replace the if_name and if_unit members of struct ifnet with new members 2003-10-31 18:32:15 +00:00
if_mib.h
if_ppp.c First pass at softc list locking for if_ppp.c. Many parts of 2004-04-19 01:36:24 +00:00
if_ppp.h
if_pppvar.h Make ppp(4) devices clonable and unloadable. 2002-08-09 15:30:48 +00:00
if_sl.c Remove advertising clause from University of California Regent's 2004-04-07 20:46:16 +00:00
if_slvar.h Remove advertising clause from University of California Regent's 2004-04-07 20:46:16 +00:00
if_sppp.h
if_spppsubr.c Compare spppq to NULL instead of using spppq as a boolean. 2004-03-14 01:32:44 +00:00
if_stf.c Use an tempory struct ifnet *ifp instead of sc->sc_if to access the 2004-04-19 05:06:27 +00:00
if_stf.h
if_tap.c Correct a bug introduced with the recent clone API chang: when the clone 2004-03-18 14:18:51 +00:00
if_tap.h
if_tapvar.h Add tap_mtx to tap_softc in order to protect per-softc variables 2004-03-17 01:09:59 +00:00
if_tun.c Add per-softc locking to if_tun: 2004-03-29 22:16:39 +00:00
if_tun.h
if_types.h Remove advertising clause from University of California Regent's 2004-04-07 20:46:16 +00:00
if_var.h Make if_(un)route static in if.c as they are called from if_up/if_down only. 2004-04-18 18:59:44 +00:00
if_vlan_var.h A network interface driver can support IFCAP_VLAN_MTU only, 2004-01-18 19:29:04 +00:00
if_vlan.c arpcom untangling: 2004-04-24 22:24:48 +00:00
if.c arpcom untangling: 2004-04-24 22:24:48 +00:00
if.h Added the new interface capability option for drivers that implement 2004-04-11 13:36:52 +00:00
iso88025.h Fix whitespace issues. 2003-03-15 23:55:33 +00:00
net_osdep.c Replace the if_name and if_unit members of struct ifnet with new members 2003-10-31 18:32:15 +00:00
net_osdep.h - update comments to refrect recent BSDs. 2003-11-04 14:08:31 +00:00
netisr.c o add a flags parameter to netisr_register that is used to specify 2003-11-08 22:28:40 +00:00
netisr.h Remove advertising clause from University of California Regent's 2004-04-07 20:46:16 +00:00
pfil.c o update PFIL_HOOKS support to current API used by netbsd 2003-09-23 17:54:04 +00:00
pfil.h o update PFIL_HOOKS support to current API used by netbsd 2003-09-23 17:54:04 +00:00
pfkeyv2.h Initial import of RFC 2385 (TCP-MD5) digest support. 2004-02-11 04:26:04 +00:00
ppp_comp.h
ppp_deflate.c Back out M_* changes, per decision of the TRB. 2003-02-19 05:47:46 +00:00
ppp_defs.h
ppp_tty.c Replace the if_name and if_unit members of struct ifnet with new members 2003-10-31 18:32:15 +00:00
radix.c Readability fixes: 2004-04-21 15:27:36 +00:00
radix.h + move MKGet()/MKFree() into the only file that can use them. 2004-04-18 11:48:35 +00:00
raw_cb.c Remove advertising clause from University of California Regent's 2004-04-07 20:46:16 +00:00
raw_cb.h Remove advertising clause from University of California Regent's 2004-04-07 20:46:16 +00:00
raw_usrreq.c Remove advertising clause from University of California Regent's 2004-04-07 20:46:16 +00:00
route.c fix one typo and remove one wrong line 2004-04-25 01:39:00 +00:00
route.h document the locking behaviour of the functions that access 2004-04-24 23:34:04 +00:00
rtsock.c Give jail(8) the feature to allow raw sockets from within a 2004-04-26 19:46:52 +00:00
slcompress.c Remove advertising clause from University of California Regent's 2004-04-07 20:46:16 +00:00
slcompress.h Remove advertising clause from University of California Regent's 2004-04-07 20:46:16 +00:00
slip.h Remove advertising clause from University of California Regent's 2004-04-07 20:46:16 +00:00
zlib.c chase more of the MIN/MAX mess. *sigh* 2003-02-02 13:52:25 +00:00
zlib.h