Date: Wed, 16 Apr 2003 12:25:11 +0100 (BST) From: Jan Grant <Jan.Grant@bristol.ac.uk> To: Pawel Jakub Dawidek <nick@garage.freebsd.pl> Cc: Poul-Henning Kamp <phk@FreeBSD.org> Subject: Re: Multiple ip-numbers in jails (fixed INADDR_ANY behaviour). Message-ID: <Pine.GSO.4.44.0304161221370.14291-100000@mail.ilrt.bris.ac.uk> In-Reply-To: <20030415171757.GU52293@garage.freebsd.pl>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, 15 Apr 2003, Pawel Jakub Dawidek wrote: > Hello hackers... > > I've just finished patch for multiple ip-numbers inside jails. > > There was a problem with handling INADDR_ANY correctly in multiple ips > implementations, but I think I solved this problem. > > Another thing are priorities. > When port X is opened on main host and in jail as INADDR_ANY, current > implementation of jail converts INADDR_ANY to jail's IP. > When we're connecting to this port we will connect to jail's daemon, > because "exactly match" is there. > In my solution looking for opened port is in this order: > 1. non-jailed, non-wild. > 2. non-jailed, wild. > 3. jailed, non-wild. > 4. jailed, wild. Hang on, so you're saying that if my machine has (say) 4 IP addresses, and the jail has two of them, and I've a process listening on INADDR_ANY in a non-jail, and one listening on INADDR_ANY in a jail, then a connection to one of the jailed IPs will wind up with the non-jail process? That seems backwards to me. That is, it seems that the most "specific" INADDR_ANY should match first. > Please, review it. Thanks. > > PS. Patch is against FreeBSD-CURRENT. > > -- jan grant, ILRT, University of Bristol. http://www.ilrt.bris.ac.uk/ Tel +44(0)117 9287088 Fax +44 (0)117 9287112 http://ioctl.org/jan/ Axioms speak louder than words.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.GSO.4.44.0304161221370.14291-100000>