From: Daniel Hokka Zakrisson <dhokka@cs.princeton.edu>
Date: Wed, 13 Feb 2008 13:17:36 +0000 (+0000)
Subject: Enable raw sockets using VNET, and allow connections to 127.0.0.1.
X-Git-Tag: util-vserver-pl-0.3-2~11
X-Git-Url: http://git.onelab.eu/?p=util-vserver-pl.git;a=commitdiff_plain;h=7b94e2607cd6dd5a24ec245aeff3bad697bf39b5

Enable raw sockets using VNET, and allow connections to 127.0.0.1.
---

diff --git a/src/planetlab.c b/src/planetlab.c
index 9300744..9a3e571 100644
--- a/src/planetlab.c
+++ b/src/planetlab.c
@@ -48,11 +48,22 @@ POSSIBILITY OF SUCH DAMAGE.
 #include "vserver.h"
 #include "planetlab.h"
 
+#ifndef VC_NXC_RAW_SOCKET
+#  define VC_NXC_RAW_SOCKET	0x00000200ull
+#endif
+#ifndef VC_NXC_RAW_SEND
+#  define VC_NXC_RAW_SEND	0x00000400ull
+#endif
+#ifndef VC_NXF_LBACK_ALLOW
+#  define VC_NXF_LBACK_ALLOW	0x00000400ull
+#endif
+
 static int
 create_context(xid_t ctx, uint64_t bcaps)
 {
-  struct vc_ctx_caps  vc_caps;
+  struct vc_ctx_caps   vc_caps;
   struct vc_net_flags  vc_nf;
+  struct vc_net_caps   vc_ncaps;
 
   /* Create network context */
   if (vc_net_create(ctx) == VC_NOCTX) {
@@ -62,10 +73,15 @@ create_context(xid_t ctx, uint64_t bcaps)
   }
 
   /* Make the network context persistent */
-  vc_nf.mask = vc_nf.flagword = VC_NXF_PERSISTENT;
+  vc_nf.mask = vc_nf.flagword = VC_NXF_PERSISTENT | VC_NXF_LBACK_ALLOW;
   if (vc_set_nflags(ctx, &vc_nf))
     return -1;
 
+  /* Give it raw sockets capabilities */
+  vc_ncaps.ncaps = vc_ncaps.cmask = VC_NXC_RAW_ICMP | VC_NXC_RAW_SOCKET;
+  if (vc_set_ncaps(ctx, &vc_ncaps))
+    return -1;
+
 tag:
   /* Create tag context */
   if (vc_tag_create(ctx) == VC_NOCTX)