git: DragonFly_RELEASE_5_8 jail - Allow loopback interface in in_pcbladdr_find()

Matthew Dillon dillon at crater.dragonflybsd.org
Sun Feb 23 12:10:02 PST 2020


commit bbe2adb993a2b95f41adf2d035cd85644a7afb31
Author: Matthew Dillon <dillon at apollo.backplane.com>
Date:   Sun Feb 23 10:11:28 2020 -0800

    jail - Allow loopback interface in in_pcbladdr_find()
    
    * Prior jail adjustments to allow loopback IPs to be specified in
      the ip-list missed this bit of code which caused the binding
      code to ignore routes to loopback interfaces.
    
    * Adjust the code to accept such routes.  If a loopback IP is in
      the jail's ip-list, it can now be bound to.  If not, and a loopback
      route is returned, it will use the first non-loopback IP in the jail's
      ip-list.
    
    * Note that listen sockets within a jail are not overloaded and so can
      connect to listen sockets on the host or in other jails when a common
      IP (such as 127.0.0.1) is in the ip-list for both.  In this regard,
      shared loopback IPs now work identically to shared NIC IPs.
    
      IP aliases may be used to create a separation.  If you use e.g. 127.0.0.2
      in a jail, bindings to 127.0.0.1 will automatically be adjusted to
      use 127.0.0.2.

Summary of changes:
 sys/netinet/in_pcb.c | 33 +++++++++++++++++++++++++--------
 1 file changed, 25 insertions(+), 8 deletions(-)

http://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/bbe2adb993a2b95f41adf2d035cd85644a7afb31


-- 
DragonFly BSD source repository



More information about the Commits mailing list