OpenVZ Forum: Devel » [RFC][patch 0/3] Network container subsystem

Home » Mailing lists » Devel » [RFC][patch 0/3] Network container subsystem - bind filtering

Show: Today's Messages :: Show Polls :: Message Navigator
E-mail to friend

Re: Re: [RFC][patch 3/3] activate filtering for the bind [message #20005 is a reply to message #20000]

Mon, 10 September 2007 18:11

serue
Messages: 750
Registered: February 2006

Senior Member

Quoting Paul Menage (menage@google.com):
> On 9/10/07, Serge E. Hallyn <serue@us.ibm.com> wrote:
> >
> > The only downside I see right now is what to do about a sendto() on a
> > udp socket that hasn't been bound.
> 
> Maybe have additional chains in the new iptable called "sendto" and
> "recvfrom" that are invoked for those operations on unbound datagram
> sockets?

Yup.

Perhaps the biggest upside of this approach is that it's providing
network functionality in a way that should be much more familiar to
network folks.  As opposed to using an lsm with a new vfs interface.

Is anyone working on this implementation, for comparison to the lsm
patch?

-serge
_______________________________________________
Containers mailing list
Containers@lists.linux-foundation.org
https://lists.linux-foundation.org/mailman/listinfo/containers

Report message to a moderator

[Message index]

		[RFC][patch 0/3] Network container subsystem - bind filtering By: Daniel Lezcano on Tue, 04 September 2007 17:00
		[RFC][patch 1/3] network container subsystem By: Daniel Lezcano on Tue, 04 September 2007 17:00
		Re: [RFC][patch 1/3] network container subsystem By: serue on Wed, 05 September 2007 15:49
		Re: [RFC][patch 1/3] network container subsystem By: Benjamin Thery on Wed, 05 September 2007 11:50
		Re: [RFC][patch 1/3] network container subsystem By: Daniel Lezcano on Wed, 05 September 2007 12:43
		[RFC][patch 2/3] network security hooks By: Daniel Lezcano on Tue, 04 September 2007 17:00
		Re: [RFC][patch 2/3] network security hooks By: serue on Wed, 05 September 2007 16:04
		[RFC][patch 3/3] activate filtering for the bind By: Daniel Lezcano on Tue, 04 September 2007 17:00
		Re: [RFC][patch 3/3] activate filtering for the bind By: serue on Wed, 05 September 2007 16:18
		Re: [RFC][patch 3/3] activate filtering for the bind By: Daniel Lezcano on Wed, 05 September 2007 16:38
		Re: [RFC][patch 3/3] activate filtering for the bind By: serue on Mon, 10 September 2007 13:23
		Re: [RFC][patch 3/3] activate filtering for the bind By: Daniel Lezcano on Mon, 10 September 2007 13:52
		Re: Re: [RFC][patch 3/3] activate filtering for the bind By: Paul Menage on Mon, 10 September 2007 18:15
		Re: [RFC][patch 3/3] activate filtering for the bind By: serue on Mon, 10 September 2007 15:46
		Re: Re: [RFC][patch 3/3] activate filtering for the bind By: Paul Menage on Mon, 10 September 2007 17:49
		Re: Re: [RFC][patch 3/3] activate filtering for the bind By: serue on Mon, 10 September 2007 18:11
		Re: [RFC][patch 0/3] Network container subsystem - bind filtering By: serue on Wed, 05 September 2007 15:37
		Re: [RFC][patch 0/3] Network container subsystem - bind filtering By: Daniel Lezcano on Wed, 05 September 2007 15:41
		Re: [RFC][patch 0/3] Network container subsystem - bind filtering By: Benjamin Thery on Wed, 05 September 2007 14:05

Previous Topic:	Re: [PATCH] Hookup group-scheduler with task container infrastructure
Next Topic:	[RFC] [PATCH 0/2] namespace enter through hijack

Goto Forum:

-=] Back to Top [=-

[ Syndicate this forum (XML) ] [

] [

]

Current Time: Mon Oct 06 21:29:04 GMT 2025

Total time taken to generate the page: 0.25155 seconds