go
/
gvisor
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
6,540 Commits 2 Branches 96 Tags 81 MiB
Commit Graph

5 Commits

Author SHA1 Message Date
Kevin Krakauer 1796cd89d5 add create-only raw sockets 
These can be used by applications to manipulate iptables rules without enabling
arbitrary reads from and writes to the underlying packet socket.

PiperOrigin-RevId: 402924733
 2021-10-13 14:40:04 -07:00
Tamir Duberstein 8d1afb4185 Change tcpip.Error to an interface 
This makes it possible to add data to types that implement tcpip.Error.
ErrBadLinkEndpoint is removed as it is unused.

PiperOrigin-RevId: 354437314
 2021-01-28 17:59:58 -08:00
Kevin Krakauer 12235d533a AF_PACKET support for netstack (aka epsocket). 
Like (AF_INET, SOCK_RAW) sockets, AF_PACKET sockets require CAP_NET_RAW. With
runsc, you'll need to pass `--net-raw=true` to enable them.

Binding isn't supported yet.

PiperOrigin-RevId: 275909366
 2019-10-21 13:23:18 -07:00
Kevin Krakauer 59ccbb1044 Remove centralized registration of protocols. 
Also removes the need for protocol names.

PiperOrigin-RevId: 271186030
 2019-09-25 12:57:05 -07:00
Kevin Krakauer 9b4d3280e1 Add IPPROTO_RAW, which allows raw sockets to write IP headers. 
iptables also relies on IPPROTO_RAW in a way. It opens such a socket to
manipulate the kernel's tables, but it doesn't actually use any of the
functionality. Blegh.

PiperOrigin-RevId: 257903078
 2019-07-12 18:09:12 -07:00