From owner-freebsd-security@FreeBSD.ORG  Tue Aug  5 03:20:30 2003
Return-Path: <owner-freebsd-security@FreeBSD.ORG>
Delivered-To: freebsd-security@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id E9E6D37B401
	for <freebsd-security@freebsd.org>;
	Tue,  5 Aug 2003 03:20:30 -0700 (PDT)
Received: from mail.impress.lt (server.impress.lt [193.219.5.10])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 468E443F93
	for <freebsd-security@freebsd.org>;
	Tue,  5 Aug 2003 03:20:30 -0700 (PDT)
	(envelope-from stakys@punktas.lt)
Received: from mail.impress.lt (localhost [127.0.0.1])
	by mail.impress.lt (Postfix) with SMTP id 284A754BC
	for <freebsd-security@freebsd.org>;
	Tue,  5 Aug 2003 13:20:23 +0000 (GMT)
Received: from 81.7.109.95
        (SquirrelMail authenticated user stakys@punktas.lt)
        by mail.impress.lt with HTTP;
        Tue, 5 Aug 2003 13:20:23 -0000 (GMT)
Message-ID: <53210.81.7.109.95.1060089623.squirrel@mail.impress.lt>
Date: Tue, 5 Aug 2003 13:20:23 -0000 (GMT)
From: stakys@punktas.lt
To: freebsd-security@freebsd.org
User-Agent: SquirrelMail/1.4.0
MIME-Version: 1.0
Content-Type: text/plain;charset=windows-1257
X-Priority: 3
Importance: Normal
Subject: Re: Problems with JAIL in 4.8R
X-BeenThere: freebsd-security@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: Security issues [members-only posting]
	<freebsd-security.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-security>,
	<mailto:freebsd-security-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-security>
List-Post: <mailto:freebsd-security@freebsd.org>
List-Help: <mailto:freebsd-security-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-security>,
	<mailto:freebsd-security-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 05 Aug 2003 10:20:31 -0000

On Tue, Aug 05, 2003 at 12:56:36PM -0000, stakys@punktas.lt wrote:
> Hi, i've set the outside ip for the jail..It works.. When i try to ssh to
> jail'ed system from the main system (in which is created jail) the
> connection is successful, but when i try to connect to jailed system from
> anywhere else i get this message:
> ssh: connect to host IP_NUMBER port 22: Operation timed out
> What can be wrong here? How to solve this problem?

>>Are you running some sort of firewall on the main system?  You might
>>have to add additional rules allowing SSH into the jailed one...

>>G'luck,
>>Peter
I'm running IPFW but i put such a lines to ipfw.rules to be sure that it's
not firewall's fault, about connecting to jail'ed system from outside.
Here are the lines:
ipfw add 50 allow ip from any to any via lo0
ipfw add 51 allow ip from any to any via rl0