d/freebsd-nq
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
57268cd141
freebsd-nq/sys/netinet
History
Bosko Milekic 5a59cefcd1 Give jail(8) the feature to allow raw sockets from within a 
jail, which is less restrictive but allows for more flexible
jail usage (for those who are willing to make the sacrifice).
The default is off, but allowing raw sockets within jails can
now be accomplished by tuning security.jail.allow_raw_sockets
to 1.

Turning this on will allow you to use things like ping(8)
or traceroute(8) from within a jail.

The patch being committed is not identical to the patch
in the PR.  The committed version is more friendly to
APIs which pjd is working on, so it should integrate
into his work quite nicely.  This change has also been
presented and addressed on the freebsd-hackers mailing
list.

Submitted by: Christian S.J. Peron <maneo@bsdpro.com>
PR: kern/65800
2004-04-26 19:46:52 +00:00
..
libalias Unbreak natd. 2004-04-02 17:57:57 +00:00
accf_data.c Remove so*_locked(), which were backed out by mistake. 2002-06-18 07:42:02 +00:00
accf_http.c Remove so*_locked(), which were backed out by mistake. 2002-06-18 07:42:02 +00:00
icmp6.h Remove advertising clause from University of California Regent's 2004-04-07 20:46:16 +00:00
icmp_var.h Remove advertising clause from University of California Regent's 2004-04-07 20:46:16 +00:00
if_atm.c replace explicit changes to rt_refcnt by RT_ADDREF and RT_REMREF 2003-11-08 23:36:32 +00:00
if_atm.h Remove __P. 2002-03-19 21:25:46 +00:00
if_ether.c Another small set of changes to reduce diffs with the new arp code. 2004-04-25 15:00:17 +00:00
if_ether.h Remove advertising clause from University of California Regent's 2004-04-07 20:46:16 +00:00
igmp_var.h Remove advertising clause from University of California Regent's 2004-04-07 20:46:16 +00:00
igmp.c Remove advertising clause from University of California Regent's 2004-04-07 20:46:16 +00:00
igmp.h Remove advertising clause from University of California Regent's 2004-04-07 20:46:16 +00:00
in_cksum.c Remove advertising clause from University of California Regent's 2004-04-07 20:46:16 +00:00
in_gif.c In an effort to simplify the routing code, try to deprecate rtalloc() 2004-04-14 01:13:14 +00:00
in_gif.h - fix typo in comment. 2003-10-07 17:46:18 +00:00
in_pcb.c Wrap two long lines in the previous commit. 2004-04-23 23:29:49 +00:00
in_pcb.h Remove advertising clause from University of California Regent's 2004-04-07 20:46:16 +00:00
in_proto.c Remove advertising clause from University of California Regent's 2004-04-07 20:46:16 +00:00
in_rmx.c Introduce tcp_hostcache and remove the tcp specific metrics from 2003-11-20 20:07:39 +00:00
in_systm.h Remove advertising clause from University of California Regent's 2004-04-07 20:46:16 +00:00
in_var.h Remove advertising clause from University of California Regent's 2004-04-07 20:46:16 +00:00
in.c Remove advertising clause from University of California Regent's 2004-04-07 20:46:16 +00:00
in.h Remove advertising clause from University of California Regent's 2004-04-07 20:46:16 +00:00
ip6.h Remove advertising clause from University of California Regent's 2004-04-07 20:46:16 +00:00
ip_divert.c Remove advertising clause from University of California Regent's 2004-04-07 20:46:16 +00:00
ip_divert.h Re-remove MT_TAGs. The problems with dummynet have been fixed now. 2004-02-25 19:55:29 +00:00
ip_dummynet.c Add some missing DUMMYNET_UNLOCK() in config_pipe(). 2004-03-03 01:33:22 +00:00
ip_dummynet.h Re-remove MT_TAGs. The problems with dummynet have been fixed now. 2004-02-25 19:55:29 +00:00
ip_ecn.c add ECN support in layer-3. 2003-10-29 15:07:04 +00:00
ip_ecn.h add ECN support in layer-3. 2003-10-29 15:07:04 +00:00
ip_encap.c Lock down IP-layer encapsulation library: 2004-03-10 02:48:50 +00:00
ip_encap.h Remove __P. 2002-03-19 21:25:46 +00:00
ip_fastfwd.c Re-remove MT_TAGs. The problems with dummynet have been fixed now. 2004-02-25 19:55:29 +00:00
ip_fw2.c Add the option versrcreach to verify that a valid route to the 2004-04-23 14:28:38 +00:00
ip_fw.h Add the option versrcreach to verify that a valid route to the 2004-04-23 14:28:38 +00:00
ip_gre.c Lock down global variables in if_gre: 2004-03-22 16:04:43 +00:00
ip_gre.h de-__P(). 2002-10-16 22:27:27 +00:00
ip_icmp.c Remove advertising clause from University of California Regent's 2004-04-07 20:46:16 +00:00
ip_icmp.h Remove advertising clause from University of California Regent's 2004-04-07 20:46:16 +00:00
ip_id.c Tweak existing header and other build infrastructure to be able to build 2004-02-26 03:53:54 +00:00
ip_input.c Remove advertising clause from University of California Regent's 2004-04-07 20:46:16 +00:00
ip_mroute.c To comply with the spec, do not copy the TOS from the outer IP 2004-03-08 07:47:27 +00:00
ip_mroute.h Remove advertising clause from University of California Regent's 2004-04-07 20:46:16 +00:00
ip_output.c In an effort to simplify the routing code, try to deprecate rtalloc() 2004-04-14 01:13:14 +00:00
ip_var.h Remove advertising clause from University of California Regent's 2004-04-07 20:46:16 +00:00
ip.h Remove advertising clause from University of California Regent's 2004-04-07 20:46:16 +00:00
ipprotosw.h Remove advertising clause from University of California Regent's 2004-04-07 20:46:16 +00:00
pim_var.h New PIM header files. 2003-08-07 18:17:43 +00:00
pim.h Include <sys/types.h> for autoconf/automake detection. 2004-03-08 07:45:32 +00:00
raw_ip.c Give jail(8) the feature to allow raw sockets from within a 2004-04-26 19:46:52 +00:00
tcp_debug.c Remove advertising clause from University of California Regent's 2004-04-07 20:46:16 +00:00
tcp_debug.h Remove advertising clause from University of California Regent's 2004-04-07 20:46:16 +00:00
tcp_fsm.h Remove advertising clause from University of California Regent's 2004-04-07 20:46:16 +00:00
tcp_hostcache.c Fix a potential race when purging expired hostcache entries. 2004-04-23 13:54:28 +00:00
tcp_input.c Tighten up reset handling in order to make reset attacks as difficult as 2004-04-26 02:56:31 +00:00
tcp_output.c Remove advertising clause from University of California Regent's 2004-04-07 20:46:16 +00:00
tcp_reass.c Tighten up reset handling in order to make reset attacks as difficult as 2004-04-26 02:56:31 +00:00
tcp_seq.h Remove advertising clause from University of California Regent's 2004-04-07 20:46:16 +00:00
tcp_subr.c Enhance our RFC1948 implementation to perform better in some pathlogical 2004-04-20 06:33:39 +00:00
tcp_syncache.c Reduce 'td' argument to 'cred' (struct ucred) argument in those functions: 2004-03-27 21:05:46 +00:00
tcp_timer.c Remove advertising clause from University of California Regent's 2004-04-07 20:46:16 +00:00
tcp_timer.h Remove advertising clause from University of California Regent's 2004-04-07 20:46:16 +00:00
tcp_timewait.c Enhance our RFC1948 implementation to perform better in some pathlogical 2004-04-20 06:33:39 +00:00
tcp_usrreq.c Remove advertising clause from University of California Regent's 2004-04-07 20:46:16 +00:00
tcp_var.h Tighten up reset handling in order to make reset attacks as difficult as 2004-04-26 02:56:31 +00:00
tcp.h Remove advertising clause from University of California Regent's 2004-04-07 20:46:16 +00:00
tcpip.h Remove advertising clause from University of California Regent's 2004-04-07 20:46:16 +00:00
udp_usrreq.c Remove advertising clause from University of California Regent's 2004-04-07 20:46:16 +00:00
udp_var.h Remove advertising clause from University of California Regent's 2004-04-07 20:46:16 +00:00
udp.h Remove advertising clause from University of California Regent's 2004-04-07 20:46:16 +00:00