diff options
author | hselasky <hselasky@FreeBSD.org> | 2014-06-28 03:56:17 +0000 |
---|---|---|
committer | hselasky <hselasky@FreeBSD.org> | 2014-06-28 03:56:17 +0000 |
commit | 35b126e324b8032aebea9ab6b4daf7c0bf8daed0 (patch) | |
tree | 2ebc46d89e79d747fa284f379b1979658216c719 /sys/security/mac_ifoff | |
parent | 02776baefafae26b2e8b15569fe1868071fb550a (diff) | |
download | FreeBSD-src-35b126e324b8032aebea9ab6b4daf7c0bf8daed0.zip FreeBSD-src-35b126e324b8032aebea9ab6b4daf7c0bf8daed0.tar.gz |
Pull in r267961 and r267973 again. Fix for issues reported will follow.
Diffstat (limited to 'sys/security/mac_ifoff')
-rw-r--r-- | sys/security/mac_ifoff/mac_ifoff.c | 12 |
1 files changed, 4 insertions, 8 deletions
diff --git a/sys/security/mac_ifoff/mac_ifoff.c b/sys/security/mac_ifoff/mac_ifoff.c index 7165f90..28097b5 100644 --- a/sys/security/mac_ifoff/mac_ifoff.c +++ b/sys/security/mac_ifoff/mac_ifoff.c @@ -66,25 +66,21 @@ static SYSCTL_NODE(_security_mac, OID_AUTO, ifoff, CTLFLAG_RW, 0, "TrustedBSD mac_ifoff policy controls"); static int ifoff_enabled = 1; -SYSCTL_INT(_security_mac_ifoff, OID_AUTO, enabled, CTLFLAG_RW, +SYSCTL_INT(_security_mac_ifoff, OID_AUTO, enabled, CTLFLAG_RWTUN, &ifoff_enabled, 0, "Enforce ifoff policy"); -TUNABLE_INT("security.mac.ifoff.enabled", &ifoff_enabled); static int ifoff_lo_enabled = 1; -SYSCTL_INT(_security_mac_ifoff, OID_AUTO, lo_enabled, CTLFLAG_RW, +SYSCTL_INT(_security_mac_ifoff, OID_AUTO, lo_enabled, CTLFLAG_RWTUN, &ifoff_lo_enabled, 0, "Enable loopback interfaces"); -TUNABLE_INT("security.mac.ifoff.lo_enabled", &ifoff_lo_enabled); static int ifoff_other_enabled = 0; -SYSCTL_INT(_security_mac_ifoff, OID_AUTO, other_enabled, CTLFLAG_RW, +SYSCTL_INT(_security_mac_ifoff, OID_AUTO, other_enabled, CTLFLAG_RWTUN, &ifoff_other_enabled, 0, "Enable other interfaces"); -TUNABLE_INT("security.mac.ifoff.other_enabled", &ifoff_other_enabled); static int ifoff_bpfrecv_enabled = 0; -SYSCTL_INT(_security_mac_ifoff, OID_AUTO, bpfrecv_enabled, CTLFLAG_RW, +SYSCTL_INT(_security_mac_ifoff, OID_AUTO, bpfrecv_enabled, CTLFLAG_RWTUN, &ifoff_bpfrecv_enabled, 0, "Enable BPF reception even when interface " "is disabled"); -TUNABLE_INT("security.mac.ifoff.bpfrecv.enabled", &ifoff_bpfrecv_enabled); static int ifnet_check_outgoing(struct ifnet *ifp) |