2006/9/21, Robert Watson <[EMAIL PROTECTED]>:
> What are you trying to do, exactly?
The idea is the following: I have a module which replaces the "socket" system call with my own "extended" socket syscall which adds some restrictions for "socket" callers. After my module is kldloaded, some processes/users/domains become restricted in the creation of some types of TCP/UDP sockets. This part is quite obvious. But I also want to handle the situation when a restricted process has created sockets _before_ my module was loaded. So I want to close its sockets so the process will have to recreate them, passing through my restriction policy this time.

>> And the second question: what's the correct way to close the socket which was
>> found?
>
> I'm not sure there's really a "correct" way to go about ripping a socket out from under an application. tcpkill does the next closest thing, which is to simulate a RST on the TCP connection and force it to close, which is propagated up the stack in a way the application will understand.

As I understand, RST will take effect only for the client side sockets, but the server side "listening" socket will still be alive, waiting for other connections. And I want to be able to close sockets of both server and client types (sure, if they were created by my restricted process mentioned above).

Taras Danko
--
contact me:
email: [EMAIL PROTECTED]
icq: 166956956
_______________________________________________
freebsd-hackers@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-hackers
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
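
The RST behaviour discussed in this thread, as an added userland example that is not part of the original messages: it shows what an application sees when its connection is reset, and that the listening socket is unaffected. Assumptions: it runs on loopback, an abortive close (`SO_LINGER` with a zero timeout) stands in for the RST that tcpkill simulates, and `connect_pair` and `rst_demo` are hypothetical names.

```c
#include <arpa/inet.h>
#include <errno.h>
#include <netinet/in.h>
#include <sys/socket.h>
#include <unistd.h>

/* Connect a fresh client to the listener; returns the accepted fd or -1. */
static int connect_pair(int lfd, const struct sockaddr_in *a, int *client)
{
    *client = socket(AF_INET, SOCK_STREAM, 0);
    if (*client < 0 || connect(*client, (const struct sockaddr *)a, sizeof(*a)) < 0)
        return -1;
    return accept(lfd, NULL, NULL);
}

/* Returns 0 if the demo ran. *peer_errno: errno seen by the surviving endpoint
 * after the RST; *listener_alive: 1 if the listener still accepts afterwards. */
int rst_demo(int *peer_errno, int *listener_alive)
{
    struct sockaddr_in a = { .sin_family = AF_INET };
    socklen_t len = sizeof(a);
    struct linger abort_close = { .l_onoff = 1, .l_linger = 0 };
    char byte;
    int lfd, c1, s1, c2, s2;

    a.sin_addr.s_addr = htonl(INADDR_LOOPBACK);  /* port 0: kernel picks one */
    lfd = socket(AF_INET, SOCK_STREAM, 0);
    if (lfd < 0 || bind(lfd, (struct sockaddr *)&a, sizeof(a)) < 0 ||
        listen(lfd, 4) < 0 || getsockname(lfd, (struct sockaddr *)&a, &len) < 0 ||
        (s1 = connect_pair(lfd, &a, &c1)) < 0)
        return -1;
    /* Zero-timeout SO_LINGER makes close() abort the connection with a RST. */
    setsockopt(s1, SOL_SOCKET, SO_LINGER, &abort_close, sizeof(abort_close));
    close(s1);
    /* The peer's blocking recv() fails once the RST arrives. */
    *peer_errno = (recv(c1, &byte, 1, 0) < 0) ? errno : 0;
    close(c1);
    /* Only that one connection was reset; the listener still accepts. */
    s2 = connect_pair(lfd, &a, &c2);
    *listener_alive = (s2 >= 0);
    close(s2); close(c2); close(lfd);
    return 0;
}

int main(void)
{
    int e = 0, alive = 0;
    return (rst_demo(&e, &alive) == 0 && e == ECONNRESET && alive) ? 0 : 1;
}
```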