[Lxc-users] Mitigating LXC Container Evasion?
Michael H. Warfield
mhw at WittsEnd.com
Wed Aug 3 21:52:54 UTC 2011
On Wed, 2011-08-03 at 17:41 -0300, Andre Nathan wrote:
> Hi Olivier
>
> On Wed, 2011-08-03 at 19:48 +0200, Mauras Olivier wrote:
> > You're true it won't work out of the box, sorry i forgot the network
> > part.
> >
> > echo 0.0.0.0/0 @ > /smack/netlabel
>
> Apparently this doesn't support IPv6... do you happen to know of a
> workaround?
That's v4 syntax. Does it not work at all? Did you try this:
echo ::/0 @ > /smack/netlabel
Not having tried this myself at all, I'm just asking. If it doesn't
work, that needs to be fixed but it's a SMACK bug.
> Thanks again,
> Andre
Regards,
Mike
--
Michael H. Warfield (AI4NB) | (770) 985-6132 | mhw at WittsEnd.com
/\/\|=mhw=|\/\/ | (678) 463-0932 | http://www.wittsend.com/mhw/
NIC whois: MHW9 | An optimist believes we live in the best of all
PGP Key: 0x674627FF | possible worlds. A pessimist is sure of it!
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 482 bytes
Desc: This is a digitally signed message part
URL: <http://lists.linuxcontainers.org/pipermail/lxc-users/attachments/20110803/5a4376fd/attachment.pgp>
More information about the lxc-users
mailing list