On 06 Apr 2014, at 17:04 , Michael Tuexen <michael.tue...@lurchi.franken.de> wrote:
>> Aehm, the SCTP code was filtering addresses at one point and made sure only >> jail-visible addresses were seen or bound very much like normal PCB >> handling. If this is not the case (anymore) SCTP shall not be allowed >> inside jails again. > Are you referring to prison_local_ip4() and prison_local_ip6() calls? > These are used while explicit binding. However, I don't think we > do the corresponding filtering when sending INIT-/INIT-ACKs or > export the list of address via the sysctl interface used by netstat. > I guess this needs to be added, right? Yes. — Bjoern A. Zeeb ????????? ??? ??????? ??????: '??? ??? ???? ?????? ??????? ?? ?? ??????? ??????? ??? ????? ????? ???? ?????? ?? ????? ????', ????????? ?????????, "??? ????? ?? ?????", ?.??? _______________________________________________ freebsd-net@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-net To unsubscribe, send any mail to "freebsd-net-unsubscr...@freebsd.org"
