similar to: source addresses for IP traffic between jails

Hi all, Is it mandatory to add device mem to jails to enable network via the gateway? Left ezjail with FreeBSD-6.3 (and a hardware replacement of my server) and am now starting again with FreeBSD-7.1. Early this week, I upgraded from 7.0 to 7.1 (not having 'used' jails on 7.0). After creating the jail with `ezjail-admin update -i` I created a 'ports build' jail `ezjail-admin

> I recently did something like this. I have a webserver in a jail that > needs to talk to a database, and the webserver is the only thing that > should talk to the databse. > My solution was to use 2 jails: one for the webserver, and another for the > database. > Jail 1: > * runs webserver > * binds to real interface with real, routable IP > Jail 2: > *

Hello, I already consulted related lists @freebsd.org [1,2] but I have remained unsuccessful to solve the following issue: VPN works for an internal IPv4 subnet, but I doesn't for an internal IPv6 subnet with ULAs. To be honest, I don't have any experience setting up a local IPv6; so I guess that I'm doing something wrong here. For those that know FreeBSD: The main aim is to connect

Hi, IP traffic from one jail to another jail, arrives on destination jail on lo0 having the destination jails IP as source IP. Why not the source jail's IP address? How can I filter traffic from one jail to another, using ipfw of ipf? Cheers, -- Anders.

Hi, Running: Freebsd 6.0 I am wondering if it is possible to have acces to loopback ip in a jail. I currently have a server running a jail. In the jail, there is a database and a web server. I would like to be able to have the database only bind on a loopback address and not on the jail's ip. Can this be done and how? Thanks -Cyril

Hi, This is the first time I've come across this: pid 11415 (ipfw), uid 0: exited on signal 11 (core dumped) The core dump landed in root's home directory in one of my jails. Has anyone seen this before? Should I be concerned? chkrootkit says nothing. (How trustworthy is its output? ;-) Thanks. Cheers. -- Ng Pheng Siong <ngps@netmemetic.com> http://firewall.rulemaker.net

>On Sunday 11 May 2003 03:19 pm, freebsdquestions@schatti.ch wrote: >> Hi all! >> >> Short question: could anyone point me to documents regarding topics: >> jails! & nat & (ipfw|ip tables) - I'm in process to build a new system... >> Planned layout: >> >> NET---router/nat-----gateway:freebsd5.x/nat--------inner net >> >>

Hi *, I recently triggered an error when setting up a jail-host: I configured the jail(s) like evry jail I set up in the past: On the jail-hosts /etc/rc.conf: # ---- Jail-Globals ---- jail_enable="YES" # Set to NO to disable starting of any jails jail_list="ftp mx1 relay" # Space separated list of names of jails

Hello, I have configured jail for users with sshd ftpd and auth. I started this jail on IP 127.0.0.10(there is an alias on lo0 interface), there was not any bigger problem to start it. But i have a problem with internet in this jail. I can log in to this jail through ssh or ftpd but i can't connect to the internet. I try to set up some kind of nat but it doesn't work. Can anybody help me

I've got a server running FreeBSD 6.2 and PF. The server has a couple dozen jails on it. Previously, I had a few "private" services such as MySQL running on loopback IPs (127.0.0.2+) and the rest of the jails running on the public IPs. I have to renumber my machine with a new block of public IPs so I thought I'd be clever and move all the jails onto loopback IPs. Then

Hi, I am using IPFW on FreeBSD 4.11 I am facing two problems: - SSH sessions timeout after a while - When I run "/sbin/ipfw -q -f flush" in the rules script all connection get reset (and I am thrown out of the box). Is this standard functioning of ipfw or do I need to change any configuration? Thanks, Siddhartha

Hello all, I've been searching around and have come up with no current discussions on this issue. I'll keep it brief: In 7.0 or 7.1 is there any provision to have multiple IP addresses in a jail? I'm stumped on this, as I just started a new hosting project that needs a few jails. At least one of those requires multiple IPs, which is something I never really even realized was

I'm facing a problem with accessing a HTTPd (Apache) jail locally. Consider this jail scenario: /etc/hosts: 127.0.0.1 localhost foo.com 172.16.0.1 apache /etc/natd.conf: use_sockets yes same_ports yes unregistered_only yes redirect_port tcp 172.16.0.1:80 80 redirect_port tcp 172.16.0.1:443 443 /etc/firewall.sh ... ${fwcmd} add divert natd all from any to any via ${oif}(IPFW) ... rl0, my

FreeBSD-12.1p7 Samab-4.10.15 running in FreeBSD Jail I just wish to ensure that my conclusion respecting Samba, FreeBSD Jails, and NTP is correct. 1. Unless configured otherwise Windows domain clients will query and obtain their time from the samba_server DC. 2. Samba_server obtains its time from the OS, in this case a FreeBSD Jail. 3. FreeBSD Jails get their time from their host. 4. If

On Thu, July 30, 2020 17:23, Robert Marcano wrote: > On 7/30/20 5:00 PM, James B. Byrne via samba wrote: >> FreeBSD-12.1p7 >> Samab-4.10.15 running in FreeBSD Jail >> >> >> I just wish to ensure that my conclusion respecting Samba, FreeBSD Jails, and >> NTP is correct. >> >> 1. Unless configured otherwise Windows domain clients will query and

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Dear dovecot developers, first: thanks for this really cool imapd, on my server it serves some hundred domains, all in all some thousand users, some having hundred thousand mails in their Maildirs (their spam boxes mostly). Since I put this installation in an FreeBSD geli encrypted disc image I had no choice but to choose an imapd with clever

Howdy! I'm not sure if this is actually an issue, feature or a bug, but I have found that inside a jail, the jailed root user is able to sniff traffic (and enable promiscuous mode) on at least the interface of the IP address the jail is attached to. I have not found any documentation explaining if this should occur or not, but I feel it is something that should at least be known to those

Hi all! Short question: could anyone point me to documents regarding topics: jails! & nat & (ipfw|ip tables) - I'm in process to build a new system... Planned layout: NET---router/nat-----gateway:freebsd5.x/nat--------inner net | | | | | L- apache/php (lo_alias1) | L------ mail server (lo_alias2)

Hello! My name is Denis Shaposhnikov. I'm looking for a job in EU (Germany is preferably) as a UNIX/FreeBSD system administrator and/or network administrator that lets me utilize my experience in an Internet Service Providing (ISP). Skills: * Operating systems: UNIX (FreeBSD 2.2 - STABLE), Cisco IOS (10.x - 12.x), ZyNOS. Understand how systems work and is able to apply this

Hello, on 9.1-R, I highly appreciate the new jail(8) and jail.conf capabilities. Thanks for that extension! But I have one problem: If I want to stop a jail with 'jaill -r jailname', I get "umount: unmount of /.jail.jailname failed: Device busy" It seems to me that the order of fstab.jailname entries are not reverted by jail(8) when shutting down/umounting. My C skills