git: DragonFly_RELEASE_5_8 jail - Allow loopback interface in in_pcbladdr_find()
Matthew Dillon
dillon at crater.dragonflybsd.org
Sun Feb 23 12:10:02 PST 2020
commit bbe2adb993a2b95f41adf2d035cd85644a7afb31
Author: Matthew Dillon <dillon at apollo.backplane.com>
Date: Sun Feb 23 10:11:28 2020 -0800
jail - Allow loopback interface in in_pcbladdr_find()
* Prior jail adjustments to allow loopback IPs to be specified in
the ip-list missed this bit of code which caused the binding
code to ignore routes to loopback interfaces.
* Adjust the code to accept such routes. If a loopback IP is in
the jail's ip-list, it can now be bound to. If not, and a loopback
route is returned, it will use the first non-loopback IP in the jail's
ip-list.
* Note that listen sockets within a jail are not overloaded and so can
connect to listen sockets on the host or in other jails when a common
IP (such as 127.0.0.1) is in the ip-list for both. In this regard,
shared loopback IPs now work identically to shared NIC IPs.
IP aliases may be used to create a separation. If you use e.g. 127.0.0.2
in a jail, bindings to 127.0.0.1 will automatically be adjusted to
use 127.0.0.2.
Summary of changes:
sys/netinet/in_pcb.c | 33 +++++++++++++++++++++++++--------
1 file changed, 25 insertions(+), 8 deletions(-)
http://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/bbe2adb993a2b95f41adf2d035cd85644a7afb31
--
DragonFly BSD source repository
More information about the Commits
mailing list