From owner-freebsd-hackers  Wed Nov 17  7:36:48 1999
Delivered-To: freebsd-hackers@freebsd.org
Received: from critter.freebsd.dk (critter.freebsd.dk [212.242.40.131])
	by hub.freebsd.org (Postfix) with ESMTP
	id 44CE214E09; Wed, 17 Nov 1999 07:36:41 -0800 (PST)
	(envelope-from phk@critter.freebsd.dk)
Received: from critter.freebsd.dk (localhost [127.0.0.1])
	by critter.freebsd.dk (8.9.3/8.9.2) with ESMTP id IAA00291;
	Wed, 17 Nov 1999 08:59:04 +0100 (CET)
	(envelope-from phk@critter.freebsd.dk)
To: Yoshinobu Inoue <shin@nd.net.fujitsu.co.jp>
Cc: beyssac@enst.fr, freebsd-hackers@FreeBSD.ORG,
	freebsd-security@FreeBSD.ORG
Subject: Re: Should jail treat ip-number? 
In-reply-to: Your message of "Wed, 17 Nov 1999 15:31:26 +0900."
             <19991117153126C.shin@nd.net.fujitsu.co.jp> 
Date: Wed, 17 Nov 1999 08:59:03 +0100
Message-ID: <289.942825543@critter.freebsd.dk>
From: Poul-Henning Kamp <phk@critter.freebsd.dk>
Sender: owner-freebsd-hackers@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

In message <19991117153126C.shin@nd.net.fujitsu.co.jp>, Yoshinobu Inoue writes:

>-Only think about inet and inet6. Forget about other protocol
> family and sockaddr.
> (Just as current jail only think about inet.)

This has basically been the policy until now: Don't worry about a protocol
until somebody needs it.

>-Just add an in6_addr structure(IPv6 address) member
> "ip6_number" into the jail structure.
>
>-Jail(2) specify "ip_number" and/or "ip6_number" into the kernel.

Well, I guess we want it to be "and", right ?  Will people want to
bind both a IPv4 and IPv6 address (does it make sense to do so ?)
or will people only need to bind one of them ?

>-Kernel treat "ip6_number" as just a same kind of extension
> for IPv6 as "ip_number" for IPv4.

I'm not against them being sockaddr's.

>-Jail(8) command can also accept DNS name, and then it resolve
> the name internally and,
>   if A record is obtained, specify its address into "ip_number".
>   if AAAA record is obtained, also specify its address into "ip6_number".

Sure, this is trivial to do.

--
Poul-Henning Kamp             FreeBSD coreteam member
phk@FreeBSD.ORG               "Real hackers run -current on their laptop."
FreeBSD -- It will take a long time before progress goes too far!


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-hackers" in the body of the message