Commit 103766db authored by Mike Hibler's avatar Mike Hibler

Yet another jail option: ipdivert

to enable use of divert sockets in jails.

Change tmcd to pass back an indication that divert sockets should be enabled.
parent 392a65b2
#!/usr/bin/perl -w
#
# EMULAB-COPYRIGHT
# Copyright (c) 2000-2004 University of Utah and the Flux Group.
# Copyright (c) 2000-2005 University of Utah and the Flux Group.
# All rights reserved.
#
# Kernel, jail, netstat, route, ifconfig, ipfw, header files.
......@@ -1071,6 +1071,15 @@ sub setjailoptions() {
}
last SWITCH;
};
/^IPDIVERT$/ && do {
if ($val) {
$jailoptions .= " -o ipdivert";
}
else {
$jailoptions .= " -o noipdivert";
}
last SWITCH;
};
/^DEVMEM$/ && do {
$jailflags |= $JAIL_DEVMEM;
last SWITCH;
......@@ -1108,6 +1117,7 @@ sub setjailoptions() {
system("sysctl jail.inaddrany_allowed=1 >/dev/null 2>&1");
system("sysctl jail.multiip_allowed=1 >/dev/null 2>&1");
system("sysctl jail.ipfw_allowed=1 >/dev/null 2>&1");
system("sysctl jail.ipdivert_allowed=1 >/dev/null 2>&1");
system("sysctl net.link.ether.inet.useloopback=0 >/dev/null 2>&1");
if ($?) {
......
......@@ -4486,6 +4486,7 @@ COMMAND_PROTOTYPE(dojailconfig)
"BPFRO=1\n"
"INADDRANY=1\n"
"IPFW=1\n"
"IPDIVERT=1\n"
"ROUTING=%d\n"
"DEVMEM=%d\n",
low, high, atoi(row[0]), reqp->islocal, reqp->islocal);
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment