git: jail - Allow loopback interface in in_pcbladdr_find()

Matthew Dillon dillon at
Sun Feb 23 12:08:47 PST 2020

commit 567e5b2cd1f59335198a211f9c19c41490eae492
Author: Matthew Dillon <dillon at>
Date:   Sun Feb 23 10:11:28 2020 -0800

    jail - Allow loopback interface in in_pcbladdr_find()
    * Prior jail adjustments to allow loopback IPs to be specified in
      the ip-list missed this bit of code which caused the binding
      code to ignore routes to loopback interfaces.
    * Adjust the code to accept such routes.  If a loopback IP is in
      the jail's ip-list, it can now be bound to.  If not, and a loopback
      route is returned, it will use the first non-loopback IP in the jail's
    * Note that listen sockets within a jail are not overloaded and so can
      connect to listen sockets on the host or in other jails when a common
      IP (such as is in the ip-list for both.  In this regard,
      shared loopback IPs now work identically to shared NIC IPs.
      IP aliases may be used to create a separation.  If you use e.g.
      in a jail, bindings to will automatically be adjusted to

Summary of changes:
 sys/netinet/in_pcb.c | 33 +++++++++++++++++++++++++--------
 1 file changed, 25 insertions(+), 8 deletions(-)

DragonFly BSD source repository

More information about the Commits mailing list