Hello Andre, * Andre Oppermann <[EMAIL PROTECTED]> wrote: > I'm working on a "light" variant of multi-IPv[46] per jail. It doesn't > create an entirely new network instance per jail and probably is more > suitable for low- to mid-end (virtual) hosting. In those cases you > normally want the host administrator to excercise full control over > IP address and firewall configuration of the individual jails. For > high-end stuff where you offer jail based virtual machines or network > and routing simulations Marco's work is more appropriate.
Is there a way for us to colaborate on this? I'd really love to work on
this sort of stuff and I think it's really interesting to dig in that
sort of code.
I already wrote an initial patch which changes the system call and
sysctl format of the jail structures which allow you to specify lists of
addresses for IPv4 and IPv6.
In theory, the only thing that needs to be done in the kernel, is adding
bits to the netinet6 code to prevent usage of unauthorized IPv6
addresses (nothing is altered yet). Userspace utilities like jls(8) and
jexec(8) need to be polished as well.
http://g-rave.nl/junk/freebsd-jail-multi-inet46.diff
Feedback (and help) is very welcome! :-)
Yours,
--
Ed Schouten <[EMAIL PROTECTED]>
WWW: http://g-rave.nl/
pgpngsfhbfFG8.pgp
Description: PGP signature
