Multiple IP Jail's patch for FreeBSD 6.2
Ed Schouten
ed at fxq.nl
Mon May 14 14:14:19 UTC 2007
Hello Andre,
* Andre Oppermann <andre at freebsd.org> wrote:
> I'm working on a "light" variant of multi-IPv[46] per jail. It doesn't
> create an entirely new network instance per jail and probably is more
> suitable for low- to mid-end (virtual) hosting. In those cases you
> normally want the host administrator to excercise full control over
> IP address and firewall configuration of the individual jails. For
> high-end stuff where you offer jail based virtual machines or network
> and routing simulations Marco's work is more appropriate.
Is there a way for us to colaborate on this? I'd really love to work on
this sort of stuff and I think it's really interesting to dig in that
sort of code.
I already wrote an initial patch which changes the system call and
sysctl format of the jail structures which allow you to specify lists of
addresses for IPv4 and IPv6.
In theory, the only thing that needs to be done in the kernel, is adding
bits to the netinet6 code to prevent usage of unauthorized IPv6
addresses (nothing is altered yet). Userspace utilities like jls(8) and
jexec(8) need to be polished as well.
http://g-rave.nl/junk/freebsd-jail-multi-inet46.diff
Feedback (and help) is very welcome! :-)
Yours,
--
Ed Schouten <ed at fxq.nl>
WWW: http://g-rave.nl/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 187 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/freebsd-hackers/attachments/20070514/335c2852/attachment.pgp
More information about the freebsd-hackers
mailing list