Translation Information

Project website docs.freebsd.org/en
Translation process
  • Translations can be made directly.
  • Translation suggestions can be made.
  • Only chosen users can contribute.
  • The translation uses bilingual files.
Translation license BSD 2-Clause "Simplified" License
Filemask documentation/content/*/books/arch-handbook/jail/chapter.po
Translation file Download documentation/content/zh_CN/books/arch-handbook/jail/chapter.po
There are certain protocols which are very common, such as TCP, UDP, IP and ICMP. IP and ICMP are on the same level: the network layer 2. There are certain precautions which are taken in order to prevent a jailed process from binding a protocol to a certain address only if the `nam` parameter is set. `nam` is a pointer to a `sockaddr` structure, which describes the address on which to bind the service. A more exact definition is that `sockaddr` "may be used as a template for referring to the identifying tag and length of each address". In the function `in_pcbbind_setup()`, `sin` is a pointer to a `sockaddr_in` structure, which contains the port, address, length and domain family of the socket which is to be bound. Basically, this disallows any processes from jail to be able to specify the address that does not belong to the jail in which the calling process exists.
网络协议TCP, UDP, IP和ICMP很常见。IP和ICMP处于同一协议层次:第二层,网络层。当参数<literal>nam</literal>被设置时,有一些限制措施会防止被囚禁的程序绑定到一些网络接口上。<literal>nam</literal>是一个指向<literal>sockaddr</literal>结构体的指针,描述可以绑定服务的地址。一个更确切的定义:<literal>sockaddr</literal>“是一个模板,包含了地址的标识符和地址的长度”。在函数<literal>in_pcbbind_setup()</literal>中<literal>sin</literal>是一个指向<literal>sockaddr_in</literal>结构体的指针,这个结构体包含了套接字可以绑定的端口、地址、长度、协议族。这就禁止了在<application>jail</application>中的进程指定不属于这个进程所存在于的<application>jail</application>的IP地址。
3 days ago
New contributor 3 days ago
/usr/include/sys/jail.h:
struct prison {
LIST_ENTRY(prison) pr_list; /* (a) all prisons */
int pr_id; /* (c) prison id */
int pr_ref; /* (p) refcount */
char pr_path[MAXPATHLEN]; /* (c) chroot path */
struct vnode *pr_root; /* (c) vnode to rdir */
char pr_host[MAXHOSTNAMELEN]; /* (p) jail hostname */
u_int32_t pr_ip; /* (c) ip addr host */
void *pr_linux; /* (p) linux abi */
int pr_securelevel; /* (p) securelevel */
struct task pr_task; /* (d) destroy task */
struct mtx pr_mtx;
void **pr_slots; /* (p) additional data */
};
<filename>/usr/include/sys/jail.h</filename>:
struct prison {
LIST_ENTRY(prison) pr_list; /* (a) all prisons */
int pr_id; /* (c) prison id */
int pr_ref; /* (p) refcount */
char pr_path[MAXPATHLEN]; /* (c) chroot path */
struct vnode *pr_root; /* (c) vnode to rdir */
char pr_host[MAXHOSTNAMELEN]; /* (p) jail hostname */
u_int32_t pr_ip; /* (c) ip addr host */
void *pr_linux; /* (p) linux abi */
int pr_securelevel; /* (p) securelevel */
struct task pr_task; /* (d) destroy task */
struct mtx pr_mtx;
void **pr_slots; /* (p) additional data */
};
3 days ago
New contributor 3 days ago
Filesystem
文件系统
9 days ago
New contributor 9 days ago
Protocols
网络协议
9 days ago
New contributor 9 days ago
Berkeley Packet Filter
Berkeley包过滤器
9 days ago
New contributor 9 days ago
Browse all translation changes

Statistics

Percent Strings Words Chars
Total 92 2,701 20,132
Translated 17% 16 67 455
Needs editing 2% 2 241 1,813
Failing checks 0% 0 0 0

Last activity

Last change April 11, 2021, 10:44 a.m.
Last author Anonymous

Daily activity

Daily activity

Weekly activity

Weekly activity