Landlock.Network Enum
TCP network access rights handled by a Landlock ruleset. Pass these to
CreateRuleset to declare which rights the sandbox
handles, and to AddPortRule to re-grant them for a
specific port. Available from ABI 4 (kernel 6.7+).
Definition
Namespace: Sandbox
public enum Network
Remarks
Landlock restricts TCP only — UDP, raw sockets, and other non-TCP traffic are outside its scope. On kernels older than ABI 4 these flags are silently dropped by the binding; require a minimum ABI when network sandboxing is mandatory (see ABI versions). For the semantics, see the "Network flags" section of landlock(7).
Fields
| Value | Description |
|---|---|
BIND_TCP |
Bind a TCP socket to a port. |
CONNECT_TCP |
Connect a TCP socket to a port. |
BIND_TCP
Bind a TCP socket to a port (LANDLOCK_ACCESS_NET_BIND_TCP). Min ABI 4
(kernel 6.7).
CONNECT_TCP
Connect a TCP socket to a port (LANDLOCK_ACCESS_NET_CONNECT_TCP). Min ABI 4
(kernel 6.7).
Applies to
Sandbox.dll — Linux only (x86-64, kernel ≥ 6.7 for network rules). See the network rules guide.