freebsd-nq/usr.sbin/jail
Bjoern A. Zeeb 592bcae802 Add ip4.saddrsel/ip4.nosaddrsel (and equivalent for ip6) to control
whether to use source address selection (default) or the primary
jail address for unbound outgoing connections.

This is intended to be used by people upgrading from single-IP
jails to multi-IP jails but not having to change firewall rules,
application ACLs, ... but to force their connections (unless
otherwise changed) to the primry jail IP they had been used for
years, as well as for people prefering to implement similar policies.

Note that for IPv6, if configured incorrectly, this might lead to
scope violations, which single-IPv6 jails could as well, as by the
design of jails. [1]

Reviewed by:	jamie, hrs (ipv6 part)
Pointed out by:	hrs [1]
MFC After:	2 weeks
Asked for by:	Jase Thew (bazerka beardz.net)
2010-01-17 12:57:11 +00:00
..
jail.8 Add ip4.saddrsel/ip4.nosaddrsel (and equivalent for ip6) to control 2010-01-17 12:57:11 +00:00
jail.c Handle kernels that don't have IPv6 by not sending an "ip6.addr" 2009-07-31 14:30:06 +00:00
Makefile The last big commit: let usr.sbin/ use WARNS=6 by default. 2010-01-02 11:07:44 +00:00