search for: bpfopen

...BPF support is enabled in the kernel and a BPF device is available in the jail (badly configured devfs/no rules) The problem lies within the FreeBSD 5.x BPF kernel code: "The Berkeley Packet Filter provides a raw interface to data link layers in a protocol independent fashion. The function bpfopen() opens an Ethernet device. There is a conditional which disallows any jailed processes from accessing this function." This conditional was present in the 4.x series kernels but is missing in 5.x and thus allowing free access to bpfopen() from within a jailed environment. I think this is r...