/* Writeable directory (for the nsjail user) under cgroup_pids_mount */
optional string cgroup_pids_parent = 64 [default = "NSJAIL"];
+ /* If > 0, Class identifier of network packets inside jail */
+ optional uint32 cgroup_net_cls_classid = 65 [default = 0];
+ /* Mount point for cgroups-net-cls in your system */
+ optional string cgroup_net_cls_mount = 66 [default = "/sys/fs/cgroup/net_cls"];
+ /* Writeable directory (for the nsjail user) under cgroup_net_mount */
+ optional string cgroup_net_cls_parent = 67 [default = "NSJAIL"];
/* Should the 'lo' interface be brought up (active) inside this jail? */
- optional bool iface_no_lo = 65 [default = false];
+ optional bool iface_no_lo = 68 [default = false];
/* Parameters for the cloned MACVLAN interface inside jail */
- optional string macvlan_iface = 66; /* Interface to be cloned, eg 'eth0' */
- optional string macvlan_vs_ip = 67 [default = "192.168.0.2"];
- optional string macvlan_vs_nm = 68 [default = "255.255.255.0"];
- optional string macvlan_vs_gw = 69 [default = "192.168.0.1"];
+ optional string macvlan_iface = 69; /* Interface to be cloned, eg 'eth0' */
+ optional string macvlan_vs_ip = 70 [default = "192.168.0.2"];
+ optional string macvlan_vs_nm = 71 [default = "255.255.255.0"];
+ optional string macvlan_vs_gw = 72 [default = "192.168.0.1"];
/* Binary path (with arguments) to be executed. If not specified here, it
can be specified with cmd-line as "-- /path/to/command arg1 arg2" */
- optional Exe exec_bin = 70;
-
- /* If > 0, Class identifier of network packets inside jail */
- optional uint32 cgroup_net_cls_classid = 71 [default = 0];
- /* Mount point for cgroups-net-cls in your system */
- optional string cgroup_net_cls_mount = 72 [default = "/sys/fs/cgroup/net_cls"];
- /* Writeable directory (for the nsjail user) under cgroup_net_mount */
- optional string cgroup_net_cls_parent = 73 [default = "NSJAIL"];
+ optional Exe exec_bin = 73;
}
projects / platform / upstream / nsjail.git / commitdiff