Date: Tue, 1 May 2012 21:01:33 +0000 From: "Bjoern A. Zeeb" <bzeeb-lists@lists.zabbadoz.net> To: David Thiel <lx@redundancy.redundancy.org> Cc: freebsd-stable@freebsd.org Subject: Re: Jails can't get routing info Message-ID: <597C92B2-02AA-4093-B6A3-B871CCDB70F8@lists.zabbadoz.net> In-Reply-To: <20120501194101.GD66263@redundancy.redundancy.org> References: <20120501194101.GD66263@redundancy.redundancy.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On 1. May 2012, at 19:41 , David Thiel wrote: > Hello, >=20 > So, I've been trying to debug an issue running nmap scans within = jails,=20 > partially documented here: >=20 > http://seclists.org/nmap-dev/2012/q2/220 >=20 > On further debugging, it's seeming like jails can't read routing=20 > information directly at all: >=20 > # route get 69.163.203.254 > route: writing to routing socket: No such process >=20 > Now, this is normally done via reading the routing table via something = like=20 > socket(PF_ROUTE, SOCK_RAW, AF_INET), so one would suspect that this is = a=20 > problem with raw sockets; but raw sockets are enabled within the jail.=20= > netstat is able to read routing information just fine, but I don't = think=20 > it's doing it via the socket() call. hmm, sure you don't have /dev/mem in the jail? netstat -rn I think is = still using libkvm *sigh* and not the sysctl API. > Anyone know why this behavior might be happening? Without thinking too much (as in if I got the right case) I think you = are hitting this one: = http://svnweb.freebsd.org/base/head/sys/net/rtsock.c?annotate=3D234572#l79= 2 /bz --=20 Bjoern A. Zeeb You have to have visions! It does not matter how good you are. It matters what good you do!
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?597C92B2-02AA-4093-B6A3-B871CCDB70F8>