On 06 Apr 2014, at 20:44, Bjoern A. Zeeb <bzeeb-li...@lists.zabbadoz.net> wrote:
> > On 06 Apr 2014, at 17:04 , Michael Tuexen <michael.tue...@lurchi.franken.de> > wrote: > >>> Aehm, the SCTP code was filtering addresses at one point and made sure only >>> jail-visible addresses were seen or bound very much like normal PCB >>> handling. If this is not the case (anymore) SCTP shall not be allowed >>> inside jails again. >> Are you referring to prison_local_ip4() and prison_local_ip6() calls? >> These are used while explicit binding. However, I don't think we >> do the corresponding filtering when sending INIT-/INIT-ACKs or >> export the list of address via the sysctl interface used by netstat. >> I guess this needs to be added, right? > > Yes. OK. Give me a couple of days and I'll try to fix the SCTP stack (need to set up a test environment for it). Best regards Michael > > — > Bjoern A. Zeeb ????????? ??? ??????? ??????: > '??? ??? ???? ?????? ??????? ?? ?? ??????? ??????? ??? ????? ????? ???? > ?????? ?? ????? ????', ????????? ?????????, "??? ????? ?? ?????", ?.??? > > _______________________________________________ freebsd-net@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-net To unsubscribe, send any mail to "freebsd-net-unsubscr...@freebsd.org"
