Hi, I run a PGP key server (SKS 1.0.6) inside of a jail. However, my key server seems to be getting confused as to its IP address and is sending packets as the host environment (not as the jail environment). The IP configured in the jail (output of ifconfig) shows the proper IP address for the jail. ifconfig in the host environment shows the host's IP and the jail's IP (as an alias on the same interface). tcpdump in the host environment does confirm that the packets are getting the wrong IP address when sent out. Does anyone have any ideas? I cvsup'd (from cvsup12.FreeBSD.org) this morning and reinstalled the world for the host and jail environments and a new kernel for the host. This did not resolve the problem! Here is the output of uname -a: FreeBSD nox.hpc.unm.edu 4.9-STABLE FreeBSD 4.9-STABLE #8: Tue Jan 27 17:26:04 MST 2004 root@nox.hpc.unm.edu:/usr/obj/usr/src/sys/NOX i386 Any ideas on what I should be looking for? Jim -- James Prewett Systems Team Leader Designated Security Officer HPC Systems Engineer III @ HPC@UNM -- download@hpc.unm.edu Jim@Prewett.org
On Fri, 13 Feb 2004, Jim Prewett wrote:> I run a PGP key server (SKS 1.0.6) inside of a jail. However, my key > server seems to be getting confused as to its IP address and is sending > packets as the host environment (not as the jail environment).Could you show the output of sockstat as run in the host environment? Likewise, the output of ps ax. I'd like to see what the socket is bound to, as the theory goes that jail modifies the bind requests from the process to set them to the IP in the jail. Either we have a bug in socket handling, or the process isn't running in the jail. Robert N M Watson FreeBSD Core Team, TrustedBSD Projects robert@fledge.watson.org Senior Research Scientist, McAfee Research