Herbert Poetzl <[EMAIL PROTECTED]> writes: > On Thu, Sep 07, 2006 at 08:23:53PM +0400, Kirill Korotaev wrote: > > well, who said that you need to have things like RAW sockets > or other protocols except IP, not to speak of iptable and > routing entries ... > > folks who _want_ full network virtualization can use the > more complete virtual setup and be happy ...
Exactly this was a proposal for isolation for containers that don't get CAP_NET_ADMIN, with a facility that could easily be general purpose. Eric - To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
