On Wed, Sep 03, 2003 at 10:22:50AM -0700, JVDS.com Support wrote: > Hi, > I'm trying to stop one vserver being able to tcpdump and see another > vservers traffic however whilst keeping CAP_NET_RAW so they can ping. Any > ideas? Is there a CAP I can set?
guess not, because the usual ping means full access to the network stack, and because it's not really virtual you'll end up with a lot of optortunities ... why do you need/want the ping from inside a vserver anyway? best, Herbert > Rgds > > Rus
