remote traceroute and ping for jails
Lev Walkin
vlm at netli.com
Mon Feb 9 22:26:32 PST 2004
Hendrik Scholz wrote:
> Hi!
>
> I've just finished a quick hack to allow jails to indirectly execute ping
> and traceroute by sending commands to the FreeBSD host housing the jails.
> A small daemon processes the requests and sends the reply back to the
> clients.
>
> Just grab http://www.wormulon.net/files/FreeBSD/rsocket-HEAD.tar.gz
> and don't forget to modify defs.h :)
>
> 'features':
>
> - should be safe from 'hack' attempts like "traceroute 123.org;id"
> - IPv6 ready ... just need to add some lines
> - executes ping -c 4 and does not offer any way to modify parameters
> - works for me :)
>
> Any comments are welcome!
=== cut ===
/* dissect into type and parameter */
param = strstr(buf, " ");
if ((param != NULL) || (strstr(param, " ") != NULL))
{
*param = '\0';
param++;
param[strlen(param)-2] = '\0';
=== cut ===
Suppose the buffer holds the following data: " ".
param=strstr(buf, " "); will pass.
param!=NULL will yield true
*param++ = 0 will put \0 instead of the space.
strlen(param) will yield 0.
param[-2] = '\0' will write zero into... into... something...
throw it off and rewirite anew.
--
Lev Walkin
vlm at netli.com
More information about the freebsd-net
mailing list