Date: Tue, 22 Feb 2005 13:49:27 +0900 From: gnn@freebsd.org To: Maxim Konovalov <maxim@macomnet.ru> Cc: current@freebsd.org Subject: Re: OpenBSD's tcpdrop(8) Message-ID: <m2d5utjj1k.wl%gnn@neville-neil.com> In-Reply-To: <20050221233338.B70997@mp2.macomnet.net> References: <20050123193559.V91742@mp2.macomnet.net> <m2vf8mj59c.wl%gnn@neville-neil.com> <20050221233338.B70997@mp2.macomnet.net>
next in thread | previous in thread | raw e-mail | index | archive | help
At Mon, 21 Feb 2005 23:48:55 +0300 (MSK), Maxim Konovalov wrote: > Thank you very much for testing! A version with the correct locking > (rwatson@) and improved IPv6 (ume@) is already in the tree. > Great. > We do not allow to modify sysctls in jail by default (!CTLFLAG_PRISON > case) so I think net.inet.tcp.drop is jail-safe. And it does not > allow to discover an existent (or non-existent) tcp connection in the > host system from the jail. Sounds good to me. Later, George
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?m2d5utjj1k.wl%gnn>