OpenBSD's tcpdrop(8)
gnn at freebsd.org
gnn at freebsd.org
Tue Feb 22 04:49:33 GMT 2005
At Mon, 21 Feb 2005 23:48:55 +0300 (MSK),
Maxim Konovalov wrote:
> Thank you very much for testing! A version with the correct locking
> (rwatson@) and improved IPv6 (ume@) is already in the tree.
>
Great.
> We do not allow to modify sysctls in jail by default (!CTLFLAG_PRISON
> case) so I think net.inet.tcp.drop is jail-safe. And it does not
> allow to discover an existent (or non-existent) tcp connection in the
> host system from the jail.
Sounds good to me.
Later,
George
More information about the freebsd-current
mailing list