From owner-freebsd-questions@freebsd.org Tue Aug 16 20:45:43 2016 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id B95BCBBB3A8 for ; Tue, 16 Aug 2016 20:45:43 +0000 (UTC) (envelope-from lists@bertram-scharpf.de) Received: from mout.kundenserver.de (mout.kundenserver.de [212.227.126.135]) (using TLSv1.2 with cipher DHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mout.kundenserver.de", Issuer "TeleSec ServerPass DE-2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 1A4CC116E for ; Tue, 16 Aug 2016 20:45:42 +0000 (UTC) (envelope-from lists@bertram-scharpf.de) Received: from becker.bs.l ([85.180.10.14]) by mrelayeu.kundenserver.de (mreue003) with ESMTPSA (Nemesis) id 0Ll1ub-1b1Wsw4B65-00amlR for ; Tue, 16 Aug 2016 22:45:40 +0200 Received: from bsch by becker.bs.l with local (Exim 4.87 (FreeBSD)) (envelope-from ) id 1bZlEx-0000ZH-Hd for freebsd-questions@freebsd.org; Tue, 16 Aug 2016 22:45:39 +0200 Date: Tue, 16 Aug 2016 22:45:39 +0200 From: Bertram Scharpf To: freebsd-questions@freebsd.org Subject: Re: Cannot ping6 inside jail Message-ID: <20160816204539.GA467@becker.bs.l> Mail-Followup-To: freebsd-questions@freebsd.org References: <20160816191547.GA87631@becker.bs.l> <57B36DDB.9050506@gmail.com> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Disposition: inline In-Reply-To: <57B36DDB.9050506@gmail.com> User-Agent: Mutt/1.6.1 (2016-04-27) Sender: Bertram Scharpf X-Provags-ID: V03:K0:GIvNdzCzTk8+ZOeTZdIDTCUnrNqH/Q74WnPJzHB92H+uUGnOhpt ByU//DI9v8J4QAlSkJW54WGqsjeN8TUB8XXp6bJEISOF2H4cM4uvLq2xGvZtMB/mtAWOcGs pocK6vCY4OJMQ8rUEuAyogS7TY9Pr9nO0X8iGMpbRGYj01up1OCUVRWUd67oWmDLSS8XXx8 kWk2ySeSZgmQU35J4IvMw== X-UI-Out-Filterresults: notjunk:1;V01:K0:rz+n8FdVTLU=:zE6W1KkebDQX5NUfEj+tax ZSqrY3H6JILsg06DicyO+M/sUiBUG/sFuJZUUuRImHrXkTzBSuaZsyIFMo49RTmmEa+RrEeQb WOsr/cYjvEqncB6q+0dQzzvjax29o07UEgdj2z6WUWxjIClexMt2ahNW3PYqUGr2l+GbfuZMt OVyzIgVNPbQZ/oo6PtGDWoVrnjWY8I9JgQYnsA4VognY2anUO68byvYw9FX8W2miYRxqlD8KM EUvHgwkDIxtihwZbaODoK0LlcMCIZEQppTAfA3iJ1X6pGMMomN3LLpvgvMrX1VHpkLQps6WEA K6TW31qmZ9P9JPnrI11I7zCymQOhLoO6V65w4eP6U6YOIoLIAtplwA6RkCk87pZdQJGqG8ryr rmTGao3E3cdXBu1qgJqQohyHtBR67NvE8OsGYCcZKL/ffD3hSKIHvdjEZbEYitXD3DBWDrQ8v dyG8lnMdzSjIwgZXKiCDyWMGQvNB5HWayKw+AlGYWxuziC9qKvU6nwbmepK7Prl3gq6hER30p B2epn6n6RYJVnOUsW/ReZHSaRmI8jNwlCE7N7GE0hsqPvaHliQo6Fv/YR/0LmQ99u2N6mVtJy aICUEhrQaF7kZ5ZICDeG0aDk+UCaUU9INeOmcXH5EHtPqE2p71c3l1OkIFoEa9ByAXNtGjK8S 7tLTuHuq+ph0FtZh6jtlY/HycfKHeQNtmfH7rGMG+PB2p60/JVsKc8zWcWee/g0gwBl4= X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 16 Aug 2016 20:45:43 -0000 On Tuesday, 16. Aug 2016, 15:47:39 -0400, Ernie Luzar wrote: > Bertram Scharpf wrote: > > > > Inside a jail: > > > > # ping6 ::1 > > ping6: socket: Protocol not supported > > > > When I ask "ifconfig", there are no IPv6 adresses. > > > > What did I miss? > > If your talking about issuing the ping command from within a non-vimage > jail then its denied by design as a security risk. You have to enable > allow.raw.sockets to get ping command to work. I _had_ set "allow.raw_sockets = 1;" in "jail.conf". I say # sysctl security.jail.allow_raw_sockets=1 # service jail restart myjail but still I see # ping6 ::1 ping6: socket: Protocol not supported and # ifconfig | grep inet6 | wc -l 0 and # telnet ::1 80 Trying ::1... telnet: socket: Protocol not supported Bertram -- Bertram Scharpf Stuttgart, Deutschland/Germany http://www.bertram-scharpf.de