Take #2 ... Once again, two patches. The first should be familiar as it is the same patch as before with feedback taken into account. The second patch is most likely new to the netdev crowd as it consists of the SELinux changes necessary to implement the network ingress/egress controls I talked about last week after the previous approach was rejected.
You will note that the ingress/egress controls are now completely contained within the LSM/SELinux code using the skb->dst->xfrm approach mentioned last Friday. For those of you who want/need more context when looking at the second patch, you can find the rest of the patches here: * git://git.infradead.org/users/pcmoore/lblnet-2.6_testing * http://git.infradead.org/?p=users/pcmoore/lblnet-2.6_testing Just as before, I'm posting these patches here for review and hopefully an 'Acked-by', not inclusion into net-2.6.25. If these patches are acceptable then they will pushed upstream with the rest of the changes when 2.6.25 is ready. Thanks. -- paul moore linux security @ hp -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
