Date: Tue, 20 Apr 2004 22:24:38 +0200 From: "Poul-Henning Kamp" <phk@phk.freebsd.dk> To: "Christian S.J. Peron" <maneo@bsdpro.com> Cc: freebsd-security@freebsd.org Subject: Re: [patch] Raw sockets in jails Message-ID: <23453.1082492678@critter.freebsd.dk> In-Reply-To: Your message of "Tue, 20 Apr 2004 20:00:27 -0000." <20040420200027.A51891@staff.seccuris.com>
next in thread | previous in thread | raw e-mail | index | archive | help
In message <20040420200027.A51891@staff.seccuris.com>, "Christian S.J. Peron" w rites: >Poul/group > >The following patch makes raw sockets comply with prison IP addresses. >Some tools such as traceroute(8) may require that the prison IP address >be specified on the command line. I.E. > > traceroute -s <prison ip> <dest address> > >Otherwise it might fail. How does traceroute and ping normally determine which source address to use ? Can't we use that mechanism to default them to the right thing ? -- Poul-Henning Kamp | UNIX since Zilog Zeus 3.20 phk@FreeBSD.ORG | TCP/IP since RFC 956 FreeBSD committer | BSD since 4.3-tahoe Never attribute to malice what can adequately be explained by incompetence.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?23453.1082492678>