Hello, Using IP_BINDANY to facilitate transparent proxying works as specified. According the ip(4) man page and sys/netinet/ip_output.c, the PRIV_NETINET_BINDANY privilege is required in order to make a setsockopt() call with IP_BINDANY.
I would like to use this in an app that does not run as uid 0. Is it possible to assign the PRIV_NETINET_BINDANY privilege to a specific uid or process or can this mechanism only be used in jails to reduce root privileges further? Thank you -- Gerald McNulty _______________________________________________ [email protected] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-hackers To unsubscribe, send any mail to "[email protected]"
