Date: Wed, 2 May 2012 01:11:27 -0400 From: Jason Hellenthal <jhellenthal@dataix.net> To: "Bjoern A. Zeeb" <bzeeb-lists@lists.zabbadoz.net> Cc: David Thiel <lx@redundancy.redundancy.org>, freebsd-stable@freebsd.org Subject: Re: Jails can't get routing info Message-ID: <20120502051127.GA73032@DataIX.net> In-Reply-To: <597C92B2-02AA-4093-B6A3-B871CCDB70F8@lists.zabbadoz.net> References: <20120501194101.GD66263@redundancy.redundancy.org> <597C92B2-02AA-4093-B6A3-B871CCDB70F8@lists.zabbadoz.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, May 01, 2012 at 09:01:33PM +0000, Bjoern A. Zeeb wrote: > On 1. May 2012, at 19:41 , David Thiel wrote: > > > Hello, > > > > So, I've been trying to debug an issue running nmap scans within jails, > > partially documented here: > > > > http://seclists.org/nmap-dev/2012/q2/220 > > > > On further debugging, it's seeming like jails can't read routing > > information directly at all: > > > > # route get 69.163.203.254 > > route: writing to routing socket: No such process > > > > Now, this is normally done via reading the routing table via something like > > socket(PF_ROUTE, SOCK_RAW, AF_INET), so one would suspect that this is a > > problem with raw sockets; but raw sockets are enabled within the jail. > > netstat is able to read routing information just fine, but I don't think > > it's doing it via the socket() call. > > hmm, sure you don't have /dev/mem in the jail? netstat -rn I think is still > using libkvm *sigh* and not the sysctl API. > Good lord I hope this makes it down to stable/8 > > > Anyone know why this behavior might be happening? > > Without thinking too much (as in if I got the right case) I think you are > hitting this one: > > http://svnweb.freebsd.org/base/head/sys/net/rtsock.c?annotate=234572#l792 > > /bz > > -- > Bjoern A. Zeeb You have to have visions! > It does not matter how good you are. It matters what good you do! > > _______________________________________________ > freebsd-stable@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-stable > To unsubscribe, send any mail to "freebsd-stable-unsubscribe@freebsd.org" -- - (2^(N-1))
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20120502051127.GA73032>