svn commit: r186955 - in head/sys: conf netinet
Julian Elischer
julian at elischer.org
Fri Jan 9 20:35:08 PST 2009
Adrian Chadd wrote:
> I wasn't even aware of the existence of this interface. I'll check it out.
>
> Thing is, this is a socket layer option, rather than what I've
> committed which is a netinet layer option.
>
> Anyway, I'll check it out. I'm happy to fiddle with things if others
> would like it.
>
Remember that the behaviour needs to last longer than the socket
does. Once the socket is removed you should still be sending RSTs or
whatever until the fin-wait2 (and other) states have wrapped up.
So that is why I keep the info in the inp.
>
>
> Adrian
>
> 2009/1/9 Attila Nagy <bra at fsn.hu>:
>> Hello,
>>
>> Adrian Chadd wrote:
>>> Author: adrian
>>> Date: Fri Jan 9 16:02:19 2009
>>> New Revision: 186955
>>> URL: http://svn.freebsd.org/changeset/base/186955
>>>
>>> Log:
>>> Implement a new IP option (not compiled/enabled by default) to allow
>>> applications to specify a non-local IP address when bind()'ing a socket
>>> to a local endpoint.
>>> This allows applications to spoof the client IP address of connections
>>> if (obviously!) they somehow are able to receive the traffic normally
>>> destined to said clients.
>>> This patch doesn't include any changes to ipfw or the bridging code to
>>> redirect the client traffic through the PCB checks so TCP gets a shot
>>> at it. The normal behaviour is that packets with a non-local destination
>>> IP address are not handled locally. This can be dealt with with some IPFW
>>> hackery; modifications to IPFW to make this less hacky will occur in
>>> subsequent commits.
>>> Thanks to Julian Elischer and others at Ironport. This work was
>>> approved and donated before Cisco acquired them.
>>> Obtained from: Julian Elischer and others
>>> MFC after: 2 weeks
>>>
>> Wouldn't it be better to implement existing interfaces for that?
>> OpenBSD has a SO_BINDANY socket option and it seems it's also in BSD/OS:
>> http://marc.info/?l=openbsd-cvs&w=2&r=1&s=bindany&q=b
>>
>>