[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
[tor-commits] [tor/master] Add a sandbox rule to allow IP_TRANSPARENT
commit 25f0eb4512a57e305ed0bff00eb276812a7c8de6
Author: Nick Mathewson <nickm@xxxxxxxxxxxxxx>
Date: Sun Feb 2 15:47:48 2014 -0500
Add a sandbox rule to allow IP_TRANSPARENT
---
src/common/sandbox.c | 8 ++++++++
1 file changed, 8 insertions(+)
diff --git a/src/common/sandbox.c b/src/common/sandbox.c
index dec6bfe..6b78748 100644
--- a/src/common/sandbox.c
+++ b/src/common/sandbox.c
@@ -475,6 +475,14 @@ sb_setsockopt(scmp_filter_ctx ctx, sandbox_cfg_t *filter)
if (rc)
return rc;
+#ifdef IP_TRANSPARENT
+ rc = seccomp_rule_add(ctx, SCMP_ACT_ALLOW, SCMP_SYS(setsockopt), 2,
+ SCMP_CMP(1, SCMP_CMP_EQ, SOL_IP),
+ SCMP_CMP(2, SCMP_CMP_EQ, IP_TRANSPARENT));
+ if (rc)
+ return rc;
+#endif
+
return 0;
}
_______________________________________________
tor-commits mailing list
tor-commits@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits