CyberLeo.Net >> Repos - FreeBSD/FreeBSD.git/commit

]> CyberLeo.Net >> Repos - FreeBSD/FreeBSD.git/commit

projects / FreeBSD / FreeBSD.git / commit

author	rwatson <rwatson@FreeBSD.org>
	Thu, 21 Aug 2003 18:21:22 +0000 (18:21 +0000)
committer	rwatson <rwatson@FreeBSD.org>
	Thu, 21 Aug 2003 18:21:22 +0000 (18:21 +0000)
commit	32ed1a62a81fa74b7ba72050f7fcc471b032f95c
tree	269bdd075acbd16f8db9b0379a3518d07ca3cd76	tree \| snapshot
parent	31a9062bd5a40857d69d229a261f64e30a94e727	commit \| diff

Introduce two new MAC Framework and MAC policy entry points:

  mac_reflect_mbuf_icmp()
  mac_reflect_mbuf_tcp()

These entry points permit MAC policies to do "update in place"
changes to the labels on ICMP and TCP mbuf headers when an ICMP or
TCP response is generated to a packet outside of the context of
an existing socket.  For example, in respond to a ping or a RST
packet to a SYN on a closed port.

Obtained from: TrustedBSD Project
Sponsored by: DARPA, Network Associates Laboratories

13 files changed:

Unnamed repository; edit this file 'description' to name the repository.

RSS Atom

sys/kern/kern_mac.c		diff \| blob \| history
sys/security/mac/mac_framework.c		diff \| blob \| history
sys/security/mac/mac_framework.h		diff \| blob \| history
sys/security/mac/mac_internal.h		diff \| blob \| history
sys/security/mac/mac_net.c		diff \| blob \| history
sys/security/mac/mac_pipe.c		diff \| blob \| history
sys/security/mac/mac_policy.h		diff \| blob \| history
sys/security/mac/mac_process.c		diff \| blob \| history
sys/security/mac/mac_syscalls.c		diff \| blob \| history
sys/security/mac/mac_system.c		diff \| blob \| history
sys/security/mac/mac_vfs.c		diff \| blob \| history
sys/sys/mac.h		diff \| blob \| history
sys/sys/mac_policy.h		diff \| blob \| history