nixpkgs-suyu

History

Maximilian Bosch 37e3cadb8b nixos/systemd-networkd-vrf: implement working TCP test on a 5.x kernel By design, VRFs allow route-leaking for forwarded packages, but not for local processes using a socket. While it was possible to leak such TCP traffic through a VRF on a 4.x kernel, this behavior was considered wrong and got fixed in Linux 5.x[1]. From now on, local unix sockets must run in the VRF itself using `ip vrf exec`[2] which basically injects a BPF program into the VRF and drops elevated networking capabilities by default for the specified command. [1] https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=3c82a21f4320c8d54cf6456b27c8d49e5ffb722e [2] https://man7.org/linux/man-pages/man8/ip-vrf.8.html		2020-07-31 21:06:00 +02:00
..
doc	nixos/doc/*: editorconfig fixes	2020-07-31 15:08:54 +10:00
lib	nixos/boot: some documentation improvements	2020-07-29 14:39:21 -07:00
maintainers	nixos/azure-new: use local nixpkgs	2020-04-27 02:11:10 -07:00
modules	nixos/nix-daemon.nix: fix nix.distributedBuilds assertion	2020-07-30 21:38:24 -05:00
tests	nixos/systemd-networkd-vrf: implement working TCP test on a 5.x kernel	2020-07-31 21:06:00 +02:00
COPYING
default.nix
README	treewide: use https for nixos.org and hydra.nixos.org	2020-05-03 22:14:21 -07:00
release-combined.nix	nixos/release-combined: add systemd-networkd-ipv6-prefix-delegation test	2020-05-01 17:45:40 +02:00
release-small.nix	nixos/release-small: drop latestKernel.login	2020-04-19 22:20:07 +03:00
release.nix	nixos/release: add pantheon closure	2020-07-26 15:30:08 -04:00

README

*** NixOS ***

NixOS is a Linux distribution based on the purely functional package
management system Nix.  More information can be found at
https://nixos.org/nixos and in the manual in doc/manual.