From owner-freebsd-jail@freebsd.org Sun Dec 13 07:51:00 2015 Return-Path: Delivered-To: freebsd-jail@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 13B72A14789 for ; Sun, 13 Dec 2015 07:51:00 +0000 (UTC) (envelope-from sodynet1@gmail.com) Received: from mail-lf0-x22d.google.com (mail-lf0-x22d.google.com [IPv6:2a00:1450:4010:c07::22d]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 7831D1FBC for ; Sun, 13 Dec 2015 07:50:59 +0000 (UTC) (envelope-from sodynet1@gmail.com) Received: by lfdl133 with SMTP id l133so101680066lfd.2 for ; Sat, 12 Dec 2015 23:50:56 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=i0wHkMSySZgr08clZfc9jjp57PLCiwntZ5MHGNVfq8U=; b=AGi8+x3NcxGa6Qs4duCf1RzWD4SoBAwdV+6bJLl2ZwxWyb1l1g7WH3k3Sh+u2PE2Mr hZDvTA3jISPycJngyvocUiSncrrt93RrIg9ToyKzPXoch3eLQ1trTE1JE+DmfwqqoQH+ bE0WfhghDefSCdkFslOcq5ijMWDaXiwAVVF0CuOkfMt1n9Q89mMtfV7gGQZnxne7xO/X CebwIPPC4P1ORwAIu7L3piJNJr+OqvgkbpVUMd5aZ0R8uc2/S5r89z+tXnYmJm8Gi4RN GO4YsDf+D3vIGgv8H3yZ6Fl+iIKUDC0OTRc7vJwB8U5bqlejUeEU8z4M2/SoISYuPPpU r7lA== MIME-Version: 1.0 X-Received: by 10.25.151.133 with SMTP id z127mr10707602lfd.105.1449993056279; Sat, 12 Dec 2015 23:50:56 -0800 (PST) Received: by 10.112.93.194 with HTTP; Sat, 12 Dec 2015 23:50:55 -0800 (PST) Received: by 10.112.93.194 with HTTP; Sat, 12 Dec 2015 23:50:55 -0800 (PST) In-Reply-To: <566D05DD.9080201@gmail.com> References: <566B67F7.1090404@gmail.com> <566B5CB6.8050009@erdgeist.org> <566B7D7E.2070507@gmail.com> <566B8183.3080306@gmail.com> <1449888253.23602.14.camel@michaeleichorn.com> <1449889151.23602.24.camel@michaeleichorn.com> <566D05DD.9080201@gmail.com> Date: Sun, 13 Dec 2015 09:50:55 +0200 Message-ID: Subject: Re: Configuring network without ezjail From: Sami Halabi To: marcel Cc: freebsd-jail@freebsd.org, Dirk Engling , "Michael B. Eichorn" Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable X-Content-Filtered-By: Mailman/MimeDel 2.1.20 X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 13 Dec 2015 07:51:00 -0000 hi, I think you need to configure the ip in the host first kater it'll be seen in the jail. using rf 1918 addreses means you need NAT in your router to have access the internet. rather than that using the term 'routing' is incorrecg unless you have multiple hops to get the packets to the router. Sami =D7=91=D7=AA=D7=90=D7=A8=D7=99=D7=9A 13 =D7=91=D7=93=D7=A6=D7=9E=D7=B3 2015= 6:45 AM,=E2=80=8F "marcel" =D7=9B=D7=AA=D7=91: > > > On 12/12/2015 02:59, Michael B. Eichorn wrote: > > On Fri, 2015-12-11 at 21:44 -0500, Michael B. Eichorn wrote: > >> On Sat, 2015-12-12 at 02:08 +0000, marcel wrote: > >>> ... and I think I have enabling gateway, I wrote thins in both of > >>> my > >>> rc.conf (jail and host): > >>> > >>> gateway_enable=3D"YES" > >>> > >>> Is it correct ? > >> You only need gateway_enable if you are doing routing, it is not > >> necessary for a typical jail setup. Most of the time you are just > >> adding an alias to the host's nic. > OK so if I want to my jail can access to internet I have to do routing, > right ? > >>> But I don't think I have DNS problems, my host correctly access to > >>> the > >>> internet and the resolv.conf of my jail and my host are same... > >>> > >>> On 12/12/2015 01:50, marcel wrote: > >>>> No I don't get to have an IP address... Yet I have writed this in > >>>> my > >>>> host's rc.conf: > >>>> > >>>> jail_enable=3D"YES" > >>>> jail_list=3D"thename" > >>>> jail_guantanamo_rootdir=3D"thepath" > >>>> jail_guantanamo_hostname=3D"thename" > >>>> jail_guantanamo_ip=3D"192.168.0.12" > >>>> > >>>> and I use the command: > >>>> > >>>> jail thepath thename 192.168.0.12 /bin/csh > >>>> > >>>> to connect to my jail... > >>>> > >>>> On 11/12/2015 23:31, Dirk Engling wrote: > >>>>> On 12.12.15 01:19, marcel wrote: > >>>>> > >>>>>> I would like to know if it is possible to configure a jail's > >>>>>> network for > >>>>>> accessing to the World Wide Web but without ezjail ? > >>>>>> I have created my jail without ezjail (mkdir jail, make > >>>>>> installworld, > >>>>>> etc...) and I would like to continue without it if it's > >>>>>> possible... > >>>>> Sure, why doesn't it connect to the net? Does it have a RFC1918 > >>>>> IP? If > >>>>> so, you need to enable NAT. If not, did you enable gatewaying? > >>>>> Maybe you > >>>>> just have DNS problems, so is your resolv.conf set up properly? > >>>>> > >>>>> Without knowing what exactly is not working, I can not help > >>>>> you. > >>>>> > >>>>> erdgeist > >> I think you found some old instructions, assuming a 10.x system here > >> is > >> the boilerplate for a typical jail: > >> > >> rc.conf: > >> > >> jail_enable=3D"YES" > >> > >> jail.conf: > >> > >> interface =3D re0; > >> mount.devfs; > >> exec.start =3D "/bin/sh /etc/rc"; > >> exec.stop =3D "/bin/sh /etc/rc.shutdown"; > >> > >> thenameofthejail { > >> host.hostname =3D host.domain.tld; > >> path =3D /the/path/to/the/jail > >> ip4.addr =3D 192.168.0.12; > >> } > >> > >> and start it up with > >> > >> # jail -c thenameofthejail > >> > >> And another handy tip you can avoid building a jail with make by > >> extacting the base.txz file found in places like the install media > >> into > >> the jail directory > OK, so my jail.conf look like your jail.conf and when I type jls my jail > have the IP 192.168.0.12 but when I type ifconfig in my jail I have no > ip... > > Oh and before I forget, the trickiest thing for me moving from ezjail > > to jail was updating. Assuming your jails are complete base systems and > > that you would like to use binary updates with freebsd-update, and you > > have completely sparated jails without any funny tricks to save space, > > here is Ike's simple jail update guide: > > > > edit the jail's freebsd-update.conf and change > > > > Components src world kernel > > -to- > > Components world > > > > then run freebsd-update like so: > > > > # freebsd-update -b /usr/jails/jaildir \ > > -f usr/jails/jaildir/etc/freebsd-update.conf \ > > -d /usr/jails/jaildir/var/db/freebsd-update fetch > > # freebsd-update -b /usr/jails/jaildir \ > > -f /usr/jails/jaildir/etc/freebsd-update.conf \ > > -d /usr/jails/jaildir/var/db/freebsd-update install > > > > Using the -f flag keeps the jail from using the host config since jails > > cannot update kernels anyway. And -d keeps jails and hosts from > > trampling each other which is nice if you want to do more than one at a > > time, or if you use freebsd-update cron. > Thanks for tip ! > _______________________________________________ > freebsd-jail@freebsd.org mailing list > https://lists.freebsd.org/mailman/listinfo/freebsd-jail > To unsubscribe, send any mail to "freebsd-jail-unsubscribe@freebsd.org" >