Date: Thu, 12 Aug 2010 16:48:51 +0000 (GMT) From: Brice ERRANDONEA <berrandonea@yahoo.fr> To: freebsd-questions@FreeBSD.ORG Subject: Re : Re : Re : How to connect a jail to the web ? Message-ID: <827393.30460.qm@web24601.mail.ird.yahoo.com> In-Reply-To: <201008121552.o7CFqOIM097376@lurza.secnetix.de> References: <201008121552.o7CFqOIM097376@lurza.secnetix.de>
next in thread | previous in thread | raw e-mail | index | archive | help
> Where did you get that second IP address from? Did you just > add it manually? Or is that the address that your gateway > (DSL router, whatever) got assigned from your ISP? I added it manually in rc.conf (on the host) : hostname="FreeBSD.ici" ifconfig_rl0="DHCP" keymap="fr.iso.acc" (yes, I'm french) moused_enable="YES" saver="dragon" hald_enable="YES" dbus_enable="YES" devfs_system_ruleset="localrules" jail_enable="NO" jail_list="MaPrison" jail_interface="rl0" jail_devfs_ruleset="devfsrules_jail" jail_devfs_enable="YES" jail_server_rootdir="/usr/prison" jail_server_hostname="MaPrison" jail_server_ip="93.0.168.242" I choosed it because that's my computer's public ip, at least according to this website : http://whatismyipaddress.com/ > I assume that IP address is not really routed to your host, > but that NAT (Network Address Translation) is used on your > router. So you cannot use that address on the host. > (If that's not true, please exlain the structure of your > network in more detail.) My "network" is VERY simple. I've got a modem (or "box") provided by my phone company. It's called a "neufbox" and acts as a gateway. The computer with FreeBSD is connected to this "box" through an ethernet cable. Two other computers are connected to it via wifi. > So, if my assumptions are true, you must use the address > 192.168.1.38 for your jail. Make sure that DNS is working > inside the jail ... It should be sufficient to copy > /etc/resolv.conf from the host to /usr/prison/etc/resolv.conf OK, I'll try this. > If it still doesn't work: Are you using any packet filter > (ipfw, ipf, pf)? If so, please show the complete list of > rules. No, I don't. I've tried pf but you told it was not necessary. > Otherwise, it might help to run tcpdump(1) on the host, so > you can see the actual packets that are transmitted and > received. Allright. I try it too. Good bye for the moment and thanks for your help. Brice
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?827393.30460.qm>