Hi,
vielleicht hilft Dir das?
Aus der jail(8) manpage:
security.jail.allow_raw_sockets
This MIB entry determines whether or not prison root is allowed to
create raw sockets. Setting this MIB to 1 allows utilities like
ping(8) and traceroute(8) to operate inside the prison. If this MIB
is set, the source IP addresses are enforced to comply with the IP
address bound to the jail, regardless of whether or not the
IP_HDRINCL flag has been set on the socket. Since raw sockets can
be used to configure and interact with various network subsystems,
extra caution should be used where privileged access to jails is
given out to untrusted parties. As such, by default this option is
disabled.
Gruss
Peter
To Unsubscribe: send mail to majordomo(at)de.FreeBSD.org
with "unsubscribe de-bsd-questions" in the body of the message
Received on Fri 12 May 2006 - 08:37:17 CEST