Date: Sun, 5 Dec 2004 03:30:29 +0100 (CET) From: Sten Spans <sten@blinkenlights.nl> To: "Bjoern A. Zeeb" <bzeeb-lists@lists.zabbadoz.net> Cc: Andre Oppermann <andre@freebsd.org> Subject: Re: INADDR_ANY bind in a multiip jail Message-ID: <Pine.SOC.4.61.0412050317080.5783@tea.blinkenlights.nl> In-Reply-To: <Pine.BSF.4.53.0412042244190.34445@e0-0.zab2.int.zabbadoz.net> References: <344de28704120412333e70fb76@mail.gmail.com> <344de28704120413306b410608@mail.gmail.com> <41B23C51.5B4207AC@freebsd.org> <Pine.BSF.4.53.0412042244190.34445@e0-0.zab2.int.zabbadoz.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sat, 4 Dec 2004, Bjoern A. Zeeb wrote: > On Sat, 4 Dec 2004, Andre Oppermann wrote: > >>> i just found a patch from Pawel Jakub Dawidek(mijail5) which do not > ... >> Do you have a link? I'd like to have a look at the code. > > http://garage.freebsd.pl/ This code is borken on 5.3, because of mfc's. There is a somewhat fixed version at: http://blog.mombe.org/data/systems/mijail5.asis which seems to function reasonably. Although the site which hosts it is quite hard to reach. I use this patch to run webservers with vrrp redundant ip's, and apache with multiple ip's ( ssl ) in a jail. Aka, I have multiple active ips in apache, but not all of them active on each box which basically means inaddr_any. And I do have a need for jailing user scripting ( evil suexec-like tricks ). The inaddr_any need can be "fixed" with ips on loopback, and some routing or natd tricks. And one could run a seperate apache for each ip. -- Sten Spans "There is a crack in everything, that's how the light gets in." Leonard Cohen - Anthem
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.SOC.4.61.0412050317080.5783>