I wasn't even aware of the existance of this interface. I'll check it out. Thing is, this is a socket layer option, rather than what I've committed which is a netinet layer option.
Anyway, I'll check it out. I'm happy to fiddle with things if others' would like it. Adrian 2009/1/9 Attila Nagy <b...@fsn.hu>: > Hello, > > Adrian Chadd wrote: >> >> Author: adrian >> Date: Fri Jan 9 16:02:19 2009 >> New Revision: 186955 >> URL: http://svn.freebsd.org/changeset/base/186955 >> >> Log: >> Implement a new IP option (not compiled/enabled by default) to allow >> applications to specify a non-local IP address when bind()'ing a socket >> to a local endpoint. >> This allows applications to spoof the client IP address of connections >> if (obviously!) they somehow are able to receive the traffic normally >> destined to said clients. >> This patch doesn't include any changes to ipfw or the bridging code to >> redirect the client traffic through the PCB checks so TCP gets a shot >> at it. The normal behaviour is that packets with a non-local destination >> IP address are not handled locally. This can be dealth with some IPFW >> hackery; >> modifications to IPFW to make this less hacky will occur in subsequent >> commmits. >> Thanks to Julian Elischer and others at Ironport. This work was >> approved >> and donated before Cisco acquired them. >> Obtained from: Julian Elischer and others >> MFC after: 2 weeks >> > > Wouldn't it be better to implement existing interfaces for that? > OpenBSD has a SO_BINDANY socket option and it seems it's also in BSD/OS: > http://marc.info/?l=openbsd-cvs&w=2&r=1&s=bindany&q=b > > _______________________________________________ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
