Hi, I recently upgraded to 10.1 BETA3 via sources. All seemed to be fine until I started jails which connect to the Internet. It simply does not work anymore. When the browser from the jail connects to another jail on the same machine via HTTP, it all works. Accesses to the ouside of the machine fails. Even a ping to a local device does not work. ping 192.168.yyy.xxx ping: socket: Operation not permitted despite having security.jail.allow_raw_sockets: 1 Just to make sure, I upgraded also the world in all jails without any difference. UPDATING did not mention any changes since BETA1. I feel a bit lost now. What could have caused the problems? Erich
On 10/2/2014 4:05 AM, Erich Dollansky wrote:> Hi, > > I recently upgraded to 10.1 BETA3 via sources. All seemed to be fine > until I started jails which connect to the Internet. It simply does not > work anymore. When the browser from the jail connects to another jail > on the same machine via HTTP, it all works. Accesses to the ouside of > the machine fails. > > Even a ping to a local device does not work. > > ping 192.168.yyy.xxx > ping: socket: Operation not permitted > > despite having > > security.jail.allow_raw_sockets: 1 > > Just to make sure, I upgraded also the world in all jails without any > difference. > > UPDATING did not mention any changes since BETA1. > > I feel a bit lost now. > > What could have caused the problems? > > ErichIt would be handle to see what happens when the IP addresses are set on the jail in the first place. Try running: jail -r '*' jail -v -c '*' and look at the results when it (presumably) runs ifconfig. Hopefully, there'll be a clue there. - Jamie
On Thu, 2 Oct 2014, Erich Dollansky wrote:> Hi, > > I recently upgraded to 10.1 BETA3 via sources. All seemed to be fine > until I started jails which connect to the Internet. It simply does not > work anymore. When the browser from the jail connects to another jail > on the same machine via HTTP, it all works. Accesses to the ouside of > the machine fails. > > Even a ping to a local device does not work. > > ping 192.168.yyy.xxx > ping: socket: Operation not permitted > > despite having > > security.jail.allow_raw_sockets: 1 > > Just to make sure, I upgraded also the world in all jails without any > difference. > > UPDATING did not mention any changes since BETA1. > > I feel a bit lost now. > > What could have caused the problems?Does the jail have more than one Ethernet interface?
On 10/2/2014 4:05 AM, Erich Dollansky wrote:> Hi, > > I recently upgraded to 10.1 BETA3 via sources. All seemed to be fine > until I started jails which connect to the Internet. It simply does not > work anymore. When the browser from the jail connects to another jail > on the same machine via HTTP, it all works. Accesses to the ouside of > the machine fails. > > Even a ping to a local device does not work. > > ping 192.168.yyy.xxx > ping: socket: Operation not permitted > > despite having > > security.jail.allow_raw_sockets: 1 > > Just to make sure, I upgraded also the world in all jails without any > difference. > > UPDATING did not mention any changes since BETA1. > > I feel a bit lost now. > > What could have caused the problems? > > ErichHaving looked at an svn diff between BETA1 and BETA3, I'm at a loss. The only change involving jails was a few lines that tested a condition for a locking issue in the kernel (r271622). I also looked for any changes to lagg, on a hunch the problem might be there, but found nothing changed there either. - Jamie
Erich Dollansky wrote:> Hi, > > I recently upgraded to 10.1 BETA3 via sources. All seemed to be fine > until I started jails which connect to the Internet. It simply does not > work anymore. When the browser from the jail connects to another jail > on the same machine via HTTP, it all works. Accesses to the ouside of > the machine fails. > > Even a ping to a local device does not work. > > ping 192.168.yyy.xxx > ping: socket: Operation not permitted > > despite having > > security.jail.allow_raw_sockets: 1 > > Just to make sure, I upgraded also the world in all jails without any > difference. > > UPDATING did not mention any changes since BETA1. > > I feel a bit lost now. > > What could have caused the problems? > > ErichWhat version of the base system are your jails at? IE: are they at 10.0 or 10.1 xxx or some older version? What method did you use to define your jails [rc.conf or jail.conf]?