From owner-cvs-src-old@FreeBSD.ORG  Sat Jan 23 16:45:52 2010
Return-Path: <owner-cvs-src-old@FreeBSD.ORG>
Delivered-To: cvs-src-old@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 4D2731065676
	for <cvs-src-old@freebsd.org>; Sat, 23 Jan 2010 16:45:52 +0000 (UTC)
	(envelope-from bz@FreeBSD.org)
Received: from repoman.freebsd.org (repoman.freebsd.org
	[IPv6:2001:4f8:fff6::29])
	by mx1.freebsd.org (Postfix) with ESMTP id 39A798FC1E
	for <cvs-src-old@freebsd.org>; Sat, 23 Jan 2010 16:45:52 +0000 (UTC)
Received: from repoman.freebsd.org (localhost [127.0.0.1])
	by repoman.freebsd.org (8.14.3/8.14.3) with ESMTP id o0NGjpSn077681
	for <cvs-src-old@freebsd.org>; Sat, 23 Jan 2010 16:45:51 GMT
	(envelope-from bz@repoman.freebsd.org)
Received: (from svn2cvs@localhost)
	by repoman.freebsd.org (8.14.3/8.14.3/Submit) id o0NGjp5k077680
	for cvs-src-old@freebsd.org; Sat, 23 Jan 2010 16:45:51 GMT
	(envelope-from bz@repoman.freebsd.org)
Message-Id: <201001231645.o0NGjp5k077680@repoman.freebsd.org>
X-Authentication-Warning: repoman.freebsd.org: svn2cvs set sender to
	bz@repoman.freebsd.org using -f
From: "Bjoern A. Zeeb" <bz@FreeBSD.org>
Date: Sat, 23 Jan 2010 16:40:35 +0000 (UTC)
To: cvs-src-old@freebsd.org
X-FreeBSD-CVS-Branch: RELENG_8
Subject: cvs commit: src/sys/kern kern_jail.c src/sys/netinet in_pcb.c
 src/sys/netinet6 in6_src.c src/sys/sys jail.h src/usr.sbin/jail
 jail.8
X-BeenThere: cvs-src-old@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: **OBSOLETE** CVS commit messages for the src tree
	<cvs-src-old.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/cvs-src-old>,
	<mailto:cvs-src-old-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/cvs-src-old>
List-Post: <mailto:cvs-src-old@freebsd.org>
List-Help: <mailto:cvs-src-old-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/cvs-src-old>,
	<mailto:cvs-src-old-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sat, 23 Jan 2010 16:45:52 -0000

bz          2010-01-23 16:40:35 UTC

  FreeBSD src repository

  Modified files:        (Branch: RELENG_8)
    sys/kern             kern_jail.c 
    sys/netinet          in_pcb.c 
    sys/netinet6         in6_src.c 
    sys/sys              jail.h 
    usr.sbin/jail        jail.8 
  Log:
  SVN rev 202891 on 2010-01-23 16:40:35Z by bz
  
  MFC r202468:
  
    Add ip4.saddrsel/ip4.nosaddrsel (and equivalent for ip6) to control
    whether to use source address selection (default) or the primary
    jail address for unbound outgoing connections.
  
    This is intended to be used by people upgrading from single-IP
    jails to multi-IP jails but not having to change firewall rules,
    application ACLs, ... but to force their connections (unless
    otherwise changed) to the primry jail IP they had been used for
    years, as well as for people prefering to implement similar policies.
  
    Note that for IPv6, if configured incorrectly, this might lead to
    scope violations, which single-IPv6 jails could as well, as by the
    design of jails. [1]
  
    Reviewed by:          jamie, hrs (ipv6 part)
    Pointed out by:       hrs [1]
  
  Revision   Changes    Path
  1.118.2.9  +108 -2    src/sys/kern/kern_jail.c
  1.260.2.3  +7 -0      src/sys/netinet/in_pcb.c
  1.74.2.3   +7 -0      src/sys/netinet6/in6_src.c
  1.50.2.4   +6 -0      src/sys/sys/jail.h
  1.97.2.3   +12 -4     src/usr.sbin/jail/jail.8