From owner-freebsd-current@freebsd.org  Fri Aug 28 01:56:03 2015
Return-Path: <owner-freebsd-current@freebsd.org>
Delivered-To: freebsd-current@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id 60C9A9C4D3E
 for <freebsd-current@mailman.ysv.freebsd.org>;
 Fri, 28 Aug 2015 01:56:03 +0000 (UTC)
 (envelope-from bsd-lists@bsdforge.com)
Received: from udns.ultimatedns.net (ultimatedns.net [209.180.214.225])
 (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits))
 (Client did not present a certificate)
 by mx1.freebsd.org (Postfix) with ESMTPS id 37DAD26D
 for <freebsd-current@freebsd.org>; Fri, 28 Aug 2015 01:56:02 +0000 (UTC)
 (envelope-from bsd-lists@bsdforge.com)
Received: from ultimatedns.net (localhost [127.0.0.1])
 by udns.ultimatedns.net (8.14.9/8.14.9) with ESMTP id t7S1sjue011274
 for <freebsd-current@freebsd.org>; Thu, 27 Aug 2015 18:54:52 -0700 (PDT)
 (envelope-from bsd-lists@bsdforge.com)
To: "FreeBSD CURRENT" <freebsd-current@freebsd.org>
From: "Chris H" <bsd-lists@bsdforge.com>
Subject: Why does netstat not work in jails?
Date: Thu, 27 Aug 2015 18:54:52 -0700
Content-Type: text/plain; charset=UTF-8; format=fixed
MIME-Version: 1.0
Message-id: <af6459cb33b5020737f3a70130b7f13c@ultimatedns.net>
Content-Transfer-Encoding: 8bit
X-BeenThere: freebsd-current@freebsd.org
X-Mailman-Version: 2.1.20
Precedence: list
List-Id: Discussions about the use of FreeBSD-current
 <freebsd-current.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/freebsd-current>, 
 <mailto:freebsd-current-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-current/>
List-Post: <mailto:freebsd-current@freebsd.org>
List-Help: <mailto:freebsd-current-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/freebsd-current>, 
 <mailto:freebsd-current-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 28 Aug 2015 01:56:03 -0000

I've been attempting to run jails on an 11-CURRENT
for the purpose of building world/kernel && ports
for all of our 9-STABLE production servers. I'm using
standard/classic jail setup(s) -- not using any
of the "convenience" ports/applications that abstract
the process in any way.
While everything seemed to go as intended/anticipated,
I'm seeing things I *didn't* expect.
The host network get's it's "public" IP from the router
in front of it. From the router, I insure that it is
allocated the same non-public IP everytime. So DHCP
assigns it 192.168.0.100. I assigned the jail 192.168.0.103.
SSHD is started within the jail, root IS allowed login.
But any attempt to ssh to 192.168.0.103 from the host,
returns:
ssh_exchange_identification: Connection closed by remote host.

SSHD id NOT running on the host.

inetd_flags="-wW -a 192.168.0.100" and syslogd_flags="-ss"
is set on the host via rc.conf

second issue; loging into the jail, via jexex. If I perform:
netstat -nr
The following is returned:
netstat: kvm not available: /dev/mem: No such file or directory
Routing tables
rt_tables: symbol not in namelist

Any thought's jump out at anyone?

Thanks!

--Chris

--