Skip site navigation (1)Skip section navigation (2) 
Date:      Sat, 28 Apr 2001 20:02:23 -0400 (EDT)
From:      <scanner@jurai.net>
To:        Robert Watson <rwatson@FreeBSD.ORG>
Cc:        freebsd-arch@FreeBSD.ORG
Subject:   Re: jailNG 
Message-ID:  <Pine.BSF.4.21.0104281956430.85066-100000@sasami.jurai.net>
In-Reply-To: <Pine.NEB.3.96L.1010428195253.89482E-100000@fledge.watson.org>
next in thread | previous in thread | raw e-mail | index | archive | help 
On Sat, 28 Apr 2001, Robert Watson wrote:

> The jail() code doesn't allow user applications to open raw sockets
> permitting direct use of ICMP by user processes, but all of the normal use
> of ICMP by the network stack directly is uninhibited.  This means that
> things like PMTU discovery work just fine, but applications such as ping
> do not work in jail().  It's possible to imagine modifications to the raw
> socket behavior that might permit use of it from within jail(), but
> there's a whole can of worms there that we're not willing to spend too
> much time on at this point.

Ok. I wasn't sure. I couldnt believe it would block
ICMP. I knew there was a logical system with its behaviour. I actually
like the current way then. I see jail as a virtual hosting env. more then
anything else. Thanks for the explanation.

=============================================================================
-Chris Watson         (316) 326-3862 | FreeBSD Consultant, FreeBSD Geek 
Work:              scanner@jurai.net | Open Systems Inc., Wellington, Kansas
Home:  scanner@deceptively.shady.org | http://open-systems.net
=============================================================================
WINDOWS: "Where do you want to go today?"
LINUX: "Where do you want to go tomorrow?"
BSD: "Are you guys coming or what?"
=============================================================================
irc.openprojects.net #FreeBSD -Join the revolution!
ICQ: 20016186


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-arch" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.21.0104281956430.85066-100000>