From owner-freebsd-jail@FreeBSD.ORG Sun Nov 17 01:02:29 2013 Return-Path: Delivered-To: freebsd-jail@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 9F697113 for ; Sun, 17 Nov 2013 01:02:29 +0000 (UTC) Received: from m2.gritton.org (gritton.org [199.192.164.235]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 827262E99 for ; Sun, 17 Nov 2013 01:02:28 +0000 (UTC) Received: from [192.168.0.34] (c-50-168-192-61.hsd1.ut.comcast.net [50.168.192.61]) (authenticated bits=0) by m2.gritton.org (8.14.7/8.14.7) with ESMTP id rAH12P4S047403; Sat, 16 Nov 2013 18:02:25 -0700 (MST) (envelope-from jamie@freebsd.org) Message-ID: <5288159C.1090202@freebsd.org> Date: Sat, 16 Nov 2013 18:02:20 -0700 From: James Gritton User-Agent: Mozilla/5.0 (Windows NT 6.2; WOW64; rv:24.0) Gecko/20100101 Thunderbird/24.1.0 MIME-Version: 1.0 To: freebsd-jail@freebsd.org Subject: Re: rc.d/jail not loading default devfs rulesets References: <2632E87C-F5D4-4F24-B392-BA0626049A22@demter.de> In-Reply-To: <2632E87C-F5D4-4F24-B392-BA0626049A22@demter.de> Content-Type: text/plain; charset=windows-1252; format=flowed Content-Transfer-Encoding: 7bit X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.16 Precedence: list List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 17 Nov 2013 01:02:29 -0000 On 11/16/2013 2:41 PM, Jan Demter wrote: > is it intentional that rc.d/jail does not load the default devfs rulesets on current and 10.0? It used to work like this on 9.x and earlier, now you have to explicitly load them (e.g. with devfs_load_rulesets in rc.conf). > If you do not do this, ruleset 4 (devfsrules_jail) will just be created and left empty on mount of the in-jail /dev, making the normal set of device nodes available. That is quite an easy escape path :) > This does not seem to be documented anywhere and is somewhat surprising, so I suspect it is an oversight? Apart from that I really like the work on jail.conf, thanks a lot! Yes, that's an oversight. The current rc.d/jail script needs work, and this is part of the work it needs. It might be as simple as changing the rc script's dependencies. - Jamie From owner-freebsd-jail@FreeBSD.ORG Sun Nov 17 01:05:25 2013 Return-Path: Delivered-To: freebsd-jail@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 24DF1155 for ; Sun, 17 Nov 2013 01:05:25 +0000 (UTC) Received: from m2.gritton.org (gritton.org [199.192.164.235]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 083092EA8 for ; Sun, 17 Nov 2013 01:05:24 +0000 (UTC) Received: from [192.168.0.34] (c-50-168-192-61.hsd1.ut.comcast.net [50.168.192.61]) (authenticated bits=0) by m2.gritton.org (8.14.7/8.14.7) with ESMTP id rAH0vAFr046991; Sat, 16 Nov 2013 17:57:10 -0700 (MST) (envelope-from jamie@freebsd.org) Message-ID: <52881460.8090507@freebsd.org> Date: Sat, 16 Nov 2013 17:57:04 -0700 From: James Gritton User-Agent: Mozilla/5.0 (Windows NT 6.2; WOW64; rv:24.0) Gecko/20100101 Thunderbird/24.1.0 MIME-Version: 1.0 To: freebsd-jail@freebsd.org Subject: Re: rc.d/jail not loading default devfs rulesets References: <2632E87C-F5D4-4F24-B392-BA0626049A22@demter.de> In-Reply-To: <2632E87C-F5D4-4F24-B392-BA0626049A22@demter.de> Content-Type: text/plain; charset=windows-1252; format=flowed Content-Transfer-Encoding: 8bit X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.16 Precedence: list List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 17 Nov 2013 01:05:25 -0000 On 11/16/2013 2:41 PM, Jan Demter wrote: > While looking around in the docs, I also noticed that jail(8) has contradicting info on the default ruleset for jails: > devfs_ruleset: "A value of zero (default) means no ruleset is enforced." > mount.devfs: “[…] or a default of ruleset 4: devfsrules_jail […]” > The latter seems to be correct, though it will probably be an empty ruleset as described above. Those parameters control different things. devfs_ruleset is the ruleset that is used if devfs is mounted by a process within the jail (which, as noted, requires specific permission). mount.devfs is only for (the host system) mounting devfs before the jail is created; while it takes its ruleset from devfs_ruleset, it includes a further default of rule 4. I used the default of 4 for mount.devfs's behavior to copy what was already being done in the shell-script-based jail creation in the old rc.d/jail - the goal of much of the "pesudo-parameter" part of jail(8) was to do the same as that script had already done. It would have made sense for devfs_ruleset's original behavior to use ruleset four as well, but I hadn't considered anything user-level at the time. So yes, they have ended up with contradictory behavior, though each alone acts as documented. - Jamie From owner-freebsd-jail@FreeBSD.ORG Sun Nov 17 12:07:00 2013 Return-Path: Delivered-To: freebsd-jail@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 978E7DD5 for ; Sun, 17 Nov 2013 12:07:00 +0000 (UTC) Received: from frv199.fwdcdn.com (frv199.fwdcdn.com [212.42.77.199]) (using TLSv1.2 with cipher DHE-RSA-AES128-SHA (128/128 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 577D22A63 for ; Sun, 17 Nov 2013 12:06:59 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=ukr.net; s=ffe; h=Content-Transfer-Encoding:Content-Type:MIME-Version:Message-Id:To:Subject:From:Date; bh=B9OEnyWxNDrLwv+SMmvENTk4RgdOBB0fNdUHK5RpaQ0=; b=ptdFTHeQbh7bs8TgBNOKn81vCay3/CiTCeA54sz5gVHxrWVL7BN2iswuBqGk3JalWMjGB0K5WZmRPgfumeetw4WIHmUZkUu20IGYbZxsuRJ13r6T9xoet1tnh4nyzNiUEOVxi6gG75kXEuDqavj6F2IOchmQfTVfa+QyHwqzSLg=; Received: from [10.10.10.34] (helo=frv34.ukr.net) by frv199.fwdcdn.com with smtp ID 1Vi17p-000HfK-3p for freebsd-jail@freebsd.org; Sun, 17 Nov 2013 14:06:49 +0200 Date: Sun, 17 Nov 2013 14:06:48 +0200 From: wishmaster Subject: 128 Bucket FAILS in vmstat To: freebsd-jail@freebsd.org X-Mailer: mail.ukr.net 5.0 Message-Id: <1384688819.548836783.2n6ugeq6@frv34.ukr.net> MIME-Version: 1.0 Received: from artemrts@ukr.net by frv34.ukr.net; Sun, 17 Nov 2013 14:06:48 +0200 Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: binary Content-Disposition: inline X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.16 Precedence: list List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 17 Nov 2013 12:07:00 -0000 Hi, all! I actively use jails with VIMAGE. All works fine but there is one thing which confuse me. This is vmstat output. vmstat -z: 16 Bucket: 76, 0, 32, 68, 62, 0, 0 32 Bucket: 140, 0, 24, 32, 46, 0, 0 64 Bucket: 268, 0, 25, 45, 117, 0, 0 128 Bucket: 524, 0, 72, 110, 1523, 413, 0 uptime: 13:55 up 23:11, 1 user, load averages: 0,1 0,3 0,2 uname -a FreeBSD sirius.XXX.com 9.2-STABLE FreeBSD 9.2-STABLE #0: Wed Oct 23 07:20:29 EEST 2013 sirius@sirius.XXX.com:/usr/obj/usr/src/sys/MY6 i386 There are about 500 FAILS of "128 Bucket" per-day. Sometime more. In jails there are web apps mostly (nginx+php). What is this? Memory leaks? Gxxgle has not clarified me of this question. Thanks! From owner-freebsd-jail@FreeBSD.ORG Mon Nov 18 11:06:51 2013 Return-Path: Delivered-To: freebsd-jail@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id E908DA4B for ; Mon, 18 Nov 2013 11:06:51 +0000 (UTC) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:1900:2254:206c::16:87]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id D797D2087 for ; Mon, 18 Nov 2013 11:06:51 +0000 (UTC) Received: from freefall.freebsd.org (localhost [127.0.0.1]) by freefall.freebsd.org (8.14.7/8.14.7) with ESMTP id rAIB6plF009094 for ; Mon, 18 Nov 2013 11:06:51 GMT (envelope-from owner-bugmaster@FreeBSD.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.14.7/8.14.7/Submit) id rAIB6paa009092 for freebsd-jail@FreeBSD.org; Mon, 18 Nov 2013 11:06:51 GMT (envelope-from owner-bugmaster@FreeBSD.org) Date: Mon, 18 Nov 2013 11:06:51 GMT Message-Id: <201311181106.rAIB6paa009092@freefall.freebsd.org> X-Authentication-Warning: freefall.freebsd.org: gnats set sender to owner-bugmaster@FreeBSD.org using -f From: FreeBSD bugmaster To: freebsd-jail@FreeBSD.org Subject: Current problem reports assigned to freebsd-jail@FreeBSD.org X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.16 Precedence: list List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 18 Nov 2013 11:06:52 -0000 Note: to view an individual PR, use: http://www.freebsd.org/cgi/query-pr.cgi?pr=(number). The following is a listing of current problems submitted by FreeBSD users. These represent problem reports covering all versions including experimental development code and obsolete releases. S Tracker Resp. Description -------------------------------------------------------------------------------- o conf/181650 jail [jail] [patch] /etc/rc.d/jail fails if a kernel built o kern/180916 jail [jail] [regression] jail startup is broken for 8.4 wit o kern/180067 jail [jail] [patch] fix multicast support within jails o bin/178302 jail jail(8): unknown parameter: ip6.addr when kernel compi o kern/176112 jail [jail] [panic] kernel panic when starting jails o kern/174902 jail [jail] jail should provide validator for jail names o bin/173469 jail [jail] regression: security.jail.sysvipc_allowed=1 no o kern/169751 jail [jail] reading routing information does not work in ja o bin/167911 jail new jail(8) problem with removal, ifconfg -alias and k o kern/159918 jail [jail] inter-jail communication failure o kern/156111 jail [jail] procstat -b not supported in jail o misc/155765 jail [patch] `buildworld' does not honors WITHOUT_JAIL o conf/154246 jail [jail] [patch] Bad symlink created if devfs mount poin s conf/142972 jail [jail] [patch] Support JAILv2 and vnet in rc.d/jail o conf/141317 jail [patch] uncorrect jail stop in /etc/rc.d/jail o kern/133265 jail [jail] is there a solution how to run nfs client in ja o kern/119842 jail [smbfs] [jail] "Bad address" with smbfs inside a jail o bin/99566 jail [jail] [patch] fstat(1) according to specified jid 18 problems total. From owner-freebsd-jail@FreeBSD.ORG Tue Nov 19 02:05:19 2013 Return-Path: Delivered-To: freebsd-jail@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 55497D0E; Tue, 19 Nov 2013 02:05:19 +0000 (UTC) Received: from cosmo.uchicago.edu (cosmo.uchicago.edu [128.135.52.97]) by mx1.freebsd.org (Postfix) with ESMTP id 21B552ABC; Tue, 19 Nov 2013 02:05:18 +0000 (UTC) Received: by cosmo.uchicago.edu (Postfix, from userid 48) id 18468CB8C93; Mon, 18 Nov 2013 19:43:56 -0600 (CST) Received: from 128.135.70.2 (SquirrelMail authenticated user valeri) by cosmo.uchicago.edu with HTTP; Mon, 18 Nov 2013 19:43:55 -0600 (CST) Message-ID: <56141.128.135.70.2.1384825435.squirrel@cosmo.uchicago.edu> In-Reply-To: <20131013131901.GA55678@doom-labs.net> References: <20131013105853.GA63463@doom-labs.net> <525A8AB5.9000102@FreeBSD.org> <20131013122217.GA87222@doom-labs.net> <20131013131901.GA55678@doom-labs.net> Date: Mon, 18 Nov 2013 19:43:55 -0600 (CST) Subject: Re: stagedir vs. jail From: "Valeri Galtsev" To: "Ekkehard Gehm" User-Agent: SquirrelMail/1.4.8-5.el5.centos.7 MIME-Version: 1.0 Content-Type: text/plain;charset=iso-8859-1 Content-Transfer-Encoding: 8bit X-Priority: 3 (Normal) Importance: Normal Cc: freebsd-jail@freebsd.org, freebsd-ports@freebsd.org X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.16 Precedence: list Reply-To: galtsev@kicp.uchicago.edu List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 19 Nov 2013 02:05:19 -0000 Hi Ekkehard, Did you find the solution or workaround? Could you point to it of you you found one. As I still have this problem in quite a few on jails, so, it doesn't look like it was solved on jail support or port support level. Thanks. Valeri On Sun, October 13, 2013 7:19 am, Ekkehard Gehm wrote: > A quick addition: > > My Jail is buid exactly as discribed in the jail handbook: > http://www.freebsd.org/doc/handbook/jails-application.html > > So hanging around with this issue because of this staging thing is a bit > *argl* > > Cheers, > > Ekki > > On Sun, 13 Oct 2013, Ekkehard Gehm wrote something like: > >> Ahoi! >> >> On Sun, 13 Oct 2013, Matthew Seaman wrote something like: >> >> > On 13/10/2013 11:58, Ekkehard Gehm wrote: >> > > I resently have some problems installing/updating ports. The main >> > > problem is that the stagedir path is somehow messed up. >> > > >> > > The system is running FreeBSD 9.1-RELEASE-p6 and I'm working in a >> > > jail. While building it creates the stagedir in >> > > /s/portbuild/usr/ports/...../usr/local/ BUT: When it comes to the >> pkg >> > > building it suddently is looking in .../usr-local/.. witch acctualy >> > > is a part of the symlink. (In the jail /usr/local is a symlink to >> > > /s/usr-local). Resulting in an failure. >> > > >> > > The only workiaround is disabling stage completly thru make.conf... >> > > As this is very quick'n'dirty I wonder if there is any other >> > > solution! >> > >> > Your subject line is (perhaps) a bit misleading: this seems to be >> > nothing specific to the use of jails, but due to having sym-links in >> > various paths. It could happen just the same if you laid out your >> host >> > filesystem using sym-links. >> > >> >> Right. That might be... >> >> > Anyhow, this looks like a bug to me -- using sym-links to put your >> > filesystem together should not result in chaos. >> > >> >> >> This is alo my understanding of this issue... >> >> > Are you using pkg(8)? There are differences in the way a package is >> > generated from the staging directory between pkg(8) and pkg_create(1) >> > which might make all the difference. >> > >> >> Here is a short cut out of a build (portmaster portmaster): >> >> install -o root -g wheel -m 444 >> /s/portbuild/usr/ports/ports-mgmt/portmaster/wo >> >> rk/freebsd-portmaster-7359019/files/bash-completions >> /s/portbuild/usr/ports/por >> >> ts-mgmt/portmaster/work/stage/usr/local/etc/bash_completion.d/portmaster.sh >> ====> Compressing man pages >> ===> Building package for portmaster-3.17.2 >> Creating package >> /s/portbuild/usr/ports/ports-mgmt/portmaster/work/portmaster-3. >> 17.2.tbz >> Registering depends:. >> Creating bzip'd tar ball in >> '/s/portbuild/usr/ports/ports-mgmt/portmaster/work/p >> ortmaster-3.17.2.tbz' >> tar: could not chdir to >> '/s/portbuild/usr/ports/ports-mgmt/portmaster/work/stage >> /s/usr-local' >> >> pkg_create: make_dist: tar command failed with code 256 >> *** [do-package] Error code 1 >> >> Stop in /usr/ports/ports-mgmt/portmaster. >> *** [install] Error code 1 >> >> Stop in /usr/ports/ports-mgmt/portmaster. >> >> ===>>> A backup package for portmaster-3.17.1 should >> be located in /var/ports/packages/portmaster-backup >> >> ===>>> Installation of portmaster-3.17.2 (ports-mgmt/portmaster) failed >> ===>>> Aborting update >> >> ===>>> Killing background jobs >> Terminated >> >> ===>>> You can restart from the point of failure with this command line: >> portmaster ports-mgmt/portmaster >> >> ===>>> Exiting >> >> As a result portmaster is not working anymore... >> > Is it all ports that are affected? Does the use of PLIST_FILES or >> > PLIST_DIRS in the port Makefile make any difference compared to having >> a >> > pkg-plist file? >> > >> > A possible work-around: instead of sym-linking /s/usr-local -> >> > /usr/local use a nullfs mount instead. >> > >> > mount -t nullfs /s/usr-local /usr/local >> > >> > (Actually, you'ld probably do that from outside the jail so adjust the >> > paths accordingly.) >> > >> > Another workaround: set up your own poudriere instance to build >> > packages for all your jails. poudriere(8) will create its own jails >> to >> > do package building in, and manage paths etc. itself. It's a natural >> > partner to pkg(8) and zfs(8) but it will work without either of those. >> > >> > Cheers, >> > >> > Matthew >> > >> > -- >> > Dr Matthew J Seaman MA, D.Phil. >> > PGP: http://www.infracaninophile.co.uk/pgpkey >> > >> > >> >> >> >> -- >> Ekkehard Gehm * mailto:gehm@doom-labs.net >> Doom-Labs Inc. * http://www.doom-labs.net >> Frag Content * PGP-Key: >> http://www.physik.tu-berlin.de/~gehm/pubkey.asc >> >> Experience is what you get when you were expecting something else. >> >> Microsoft: "Where do you want to go today?" >> Linux: "Where do you want to go tomorrow?" >> FreeBSD: "Are you guys coming or what?" > > > > -- > Ekkehard Gehm * mailto:gehm@doom-labs.net > Doom-Labs Inc. * http://www.doom-labs.net > Frag Content * PGP-Key: > http://www.physik.tu-berlin.de/~gehm/pubkey.asc > > Experience is what you get when you were expecting something else. > > Microsoft: "Where do you want to go today?" > Linux: "Where do you want to go tomorrow?" > FreeBSD: "Are you guys coming or what?" > ++++++++++++++++++++++++++++++++++++++++ Valeri Galtsev Sr System Administrator Department of Astronomy and Astrophysics Kavli Institute for Cosmological Physics University of Chicago Phone: 773-702-4247 ++++++++++++++++++++++++++++++++++++++++ From owner-freebsd-jail@FreeBSD.ORG Tue Nov 19 11:39:04 2013 Return-Path: Delivered-To: freebsd-jail@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id BE78CD50 for ; Tue, 19 Nov 2013 11:39:04 +0000 (UTC) Received: from mail.high5.nl (mail.high5.nl [IPv6:2a03:6000:880::25]) (using TLSv1 with cipher ADH-CAMELLIA256-SHA (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 86066297B for ; Tue, 19 Nov 2013 11:39:04 +0000 (UTC) Received: from [IPv6:2001:981:ae25::ed07:66cc:70c5:4d15] (unknown [IPv6:2001:981:ae25:0:ed07:66cc:70c5:4d15]) (using TLSv1 with cipher AES128-SHA (128/128 bits)) (No client certificate requested) by mail.high5.nl (Postfix) with ESMTPSA id 02EC394DE16 for ; Tue, 19 Nov 2013 12:39:00 +0100 (CET) From: Mischa Peters Content-Type: multipart/mixed; boundary="Apple-Mail=_E240891A-3F7B-4F2B-BD79-56DCE6B80B1A" Subject: Radius Client in a Jail not working Message-Id: <18E86EF8-3887-4222-ADC3-7292E024AD2E@high5.nl> Date: Tue, 19 Nov 2013 12:38:58 +0100 To: freebsd-jail@freebsd.org Mime-Version: 1.0 (Mac OS X Mail 7.0 \(1822\)) X-Mailer: Apple Mail (2.1822) X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.16 Precedence: list List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 19 Nov 2013 11:39:04 -0000 --Apple-Mail=_E240891A-3F7B-4F2B-BD79-56DCE6B80B1A Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset=us-ascii Hi All, Not sure if this is the right forum, if it's not please let me know. I am in the process of setting up a website that requires Radius = authentication. The website is running in a Jail and for some reason the Radius = authentication is failing all the time. With radclient for example: root@test:/root # echo "User-Name=3Duser,User-Password=3D****" | = /usr/local/bin/radclient radiusserver:1812 auth secret radclient: received response to request we did not send. (id=3D25 socket = 3) radclient: received response to request we did not send. (id=3D25 socket = 3) radclient: received response to request we did not send. (id=3D25 socket = 3) radclient: no response from server for ID 25 socket 3 The Radius server is working properly, verified by radclient (as above) = in a non-Jail and in use with multiple network devices. The PHP code that I am using is also working properly, verified in a = non-Jail. Attached. On the network level I can see an Access-Requests being sent to the = Radius server. The Radius server is responding with Access-Accept. On the host I can see the packets coming in but it looks like the Jail = is never receiving them. How can I trouble shoot this further as I am a little stuck. Thanx!! Mischa --Apple-Mail=_E240891A-3F7B-4F2B-BD79-56DCE6B80B1A Content-Disposition: attachment; filename=radius.txt Content-Type: text/plain; x-unix-mode=0644; name="radius.txt" Content-Transfer-Encoding: quoted-printable echo "User-Name=3Dmischa,User-Password=3Dj0rdan23" | = /usr/local/bin/radclient 46.23.80.30:1812 auth blabla= --Apple-Mail=_E240891A-3F7B-4F2B-BD79-56DCE6B80B1A Content-Transfer-Encoding: 7bit Content-Type: text/plain; charset=us-ascii --Apple-Mail=_E240891A-3F7B-4F2B-BD79-56DCE6B80B1A--