From owner-freebsd-jail@FreeBSD.ORG  Thu Nov 11 08:31:34 2010
Return-Path: <owner-freebsd-jail@FreeBSD.ORG>
Delivered-To: freebsd-jail@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id B35FB106566C
	for <freebsd-jail@freebsd.org>; Thu, 11 Nov 2010 08:31:34 +0000 (UTC)
	(envelope-from antinix@gmail.com)
Received: from mail-qw0-f54.google.com (mail-qw0-f54.google.com
	[209.85.216.54])
	by mx1.freebsd.org (Postfix) with ESMTP id 677278FC18
	for <freebsd-jail@freebsd.org>; Thu, 11 Nov 2010 08:31:34 +0000 (UTC)
Received: by qwj8 with SMTP id 8so804788qwj.13
	for <freebsd-jail@freebsd.org>; Thu, 11 Nov 2010 00:31:33 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma;
	h=domainkey-signature:received:mime-version:sender:received
	:in-reply-to:references:from:date:x-google-sender-auth:message-id
	:subject:cc:content-type:content-transfer-encoding;
	bh=yTegnH6yC4YQefJh80Gs2d8xRu8sruVKiUw2FkgJfkU=;
	b=odAvVtLOp1ydyAmNLeQgkF+Xho/bhBnQOJ0fcUIVEUURc4y1pvU1VppWDoD3rp+oDQ
	vbJNgnajrvH0nWASfvb9hzFkSIBGTCsMd5iEQuGynCTdw5cEIJkBxKQipqksoXtT1LoT
	XyhbrDXcIOxTUYjvSB9kFuHMFveFZCld8vFXA=
DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma;
	h=mime-version:sender:in-reply-to:references:from:date
	:x-google-sender-auth:message-id:subject:cc:content-type
	:content-transfer-encoding;
	b=NAZWuZzAf/X27JnIWAVcd/1pXx5vF0n2jGaEDCcnrM/Dlpos9UujILs6s0f503mw0v
	SexUUqwi27USlP0AdvU08GgBbIZTsS+P2o8kUhHu8+EmWQDLpcLs2scg2vb94DY5A3e0
	TNBEOYS7pzw9wvNxdXCrl1i5Tc1xFpnMIBpDA=
Received: by 10.229.82.10 with SMTP id z10mr566045qck.98.1289464292443; Thu,
	11 Nov 2010 00:31:32 -0800 (PST)
MIME-Version: 1.0
Sender: antinix@gmail.com
Received: by 10.229.216.144 with HTTP; Thu, 11 Nov 2010 00:31:12 -0800 (PST)
In-Reply-To: <4CDADA88.5000706@secnap.com>
References: <AANLkTinVQ8=9O9Vm4rH_OpQhsX3YotTtGZM=nV-em_EX@mail.gmail.com>
	<4CDADA88.5000706@secnap.com>
From: Andrei Kolu <antik@bsd.ee>
Date: Thu, 11 Nov 2010 10:31:12 +0200
X-Google-Sender-Auth: -_EJFC-yrW9ORRyiOYkuMH_m9tQ
Message-ID: <AANLkTikHsjvm+uT9-n=XrgaOAUQe424+SVoGM2uHWbLy@mail.gmail.com>
Cc: freebsd-jail@freebsd.org
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable
Subject: Re: loopback in jail
X-BeenThere: freebsd-jail@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: "Discussion about FreeBSD jail\(8\)" <freebsd-jail.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-jail>,
	<mailto:freebsd-jail-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-jail>
List-Post: <mailto:freebsd-jail@freebsd.org>
List-Help: <mailto:freebsd-jail-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-jail>,
	<mailto:freebsd-jail-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 11 Nov 2010 08:31:34 -0000

2010/11/10 Michael Scheidell <michael.scheidell@secnap.com>
>
> for amavisd-new, right?
>
>
> On 11/10/10 12:16 PM, Andrei Kolu wrote:
>
> Hi,
>
> I have problem with binding port to localhost inside of jail (ezjail).
>
> can only have one '127.0.0.1'.=A0 even with vnet, I am sure.
>
>
> /usr/local/etc/amavisd.conf:$inet_socket_port =3D 10024;
> should be fine.
> however, you also need this:
>
> @inet_acl =3D ( qw [ 0.0.0.0/0 ] );
>
> plus a lot of things.=A0 We have a commercial hosted email security produ=
ct with multiple dozens of amavisd based VPS's and it took a while to get i=
t to work.
> try the amavisd users group as well.
>
> --
> Michael Scheidell, CTO

I see. But I am testing right now kernel with "options VIMAGE" and
here is the results:

# ifconfig epair create
# jail -c vnet name=3Dtest1 host.hostname=3Dtest1 path=3D/ persist
# ifconfig epair0b vnet 1
# jexec 1 ifconfig epair0b 192.168.11.2
# jexec 1 ifconfig

lo0: flags=3D8008<LOOPBACK,MULTICAST> metric 0 mtu 16384
        options=3D3<RXCSUM,TXCSUM>
epair0b: flags=3D8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu =
1500
        ether 02:62:68:00:05:0b
        inet 192.168.11.2 netmask 0xffffff00 broadcast 192.168.11.255
        inet6 fe80::62:68ff:fe00:50b%epair0b prefixlen 64 scopeid 0x2
        nd6 options=3D3<PERFORMNUD,ACCEPT_RTADV>

Now I'll try to configure localhost!

# jexec 1 ifconfig lo0 localhost

Let me see what's happened
# jexec 1 ifconfig

lo0: flags=3D8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384
        options=3D3<RXCSUM,TXCSUM>
        inet 127.0.0.1 netmask 0xff000000
        inet6 ::1 prefixlen 128
        inet6 fe80::1%lo0 prefixlen 64 scopeid 0x1
        nd6 options=3D3<PERFORMNUD,ACCEPT_RTADV>
epair0b: flags=3D8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu =
1500
        ether 02:62:68:00:05:0b
        inet6 fe80::62:68ff:fe00:50b%epair0b prefixlen 64 scopeid 0x2
        inet 192.168.11.2 netmask 0xffffff00 broadcast 192.168.11.255
        nd6 options=3D3<PERFORMNUD,ACCEPT_RTADV>

Wow, I have local ip address now. Can't do same thing without VIMAGE

# ifconfig lo0 localhost
ifconfig: ioctl (SIOCDIFADDR): permission denied

This is only preliminary testing but things are looking quite different I g=
uess.

FreeBSD 8.1-STABLE #1: Thu Nov 11 09:36:29 EET 2010