From owner-freebsd-questions@FreeBSD.ORG  Thu May 15 00:10:55 2003
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 548EC37B401
	for <questions@freebsd.org>; Thu, 15 May 2003 00:10:55 -0700 (PDT)
Received: from smtp.hispeed.ch (isp247n.hispeed.ch [62.2.95.247])
	by mx1.FreeBSD.org (Postfix) with ESMTP id E3C9343F3F
	for <questions@freebsd.org>; Thu, 15 May 2003 00:10:53 -0700 (PDT)
	(envelope-from locus@hispeed.ch)
Received: from rock.stable.ch (dclient217-162-34-199.hispeed.ch
	[217.162.34.199])h4F7Ap9e026905
	(version=TLSv1/SSLv3 cipher=EDH-RSA-DES-CBC3-SHA bits=168 verify=NO)
	for <questions@freebsd.org>; Thu, 15 May 2003 09:10:52 +0200
Received: from locus by rock.stable.ch with local (Exim 3.33 #1)
	id 19GCt4-0003ga-00
	for questions@freebsd.org; Thu, 15 May 2003 09:10:46 +0200
Date: Thu, 15 May 2003 09:10:46 +0200
From: Thomas Spreng <spreng@socket.ch>
To: questions@freebsd.org
Message-ID: <20030515071046.GA13951@rock.stable.ch>
Mail-Followup-To: questions@freebsd.org
References: <Law9-F52ka4ZxNIeA8U000216c2@hotmail.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <Law9-F52ka4ZxNIeA8U000216c2@hotmail.com>
User-Agent: Mutt/1.4i
Sender: locus <locus@hispeed.ch>
Subject: Re: jail
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>,
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>,
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 15 May 2003 07:10:55 -0000

hi,

> 2) I am having trouble connecting jail to the internet.
> here is an output of my ifconfig
> harry@requiem:/home/harry# ifconfig rl0
> rl0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
>        inet 209.94.197.222 netmask 0xffffffe0 broadcast 209.94.197.223
>        inet6 fe80::230:f1ff:fe44:9768%rl0 prefixlen 64 scopeid 0x1
>        inet 192.168.1.223 netmask 0xffffff00 broadcast 192.168.1.255
>        ether 00:30:f1:44:97:68
>        media: Ethernet autoselect (10baseT/UTP)
>        status: active

afaik, inet aliases need a netmask of 0xffffffff.

> This is how i start jail
> harry@requiem:/home/harry# cat /usr/local/etc/rc.d/jail.sh
> #!/bin/sh
> mount -t procfs proc /usr/jail1/proc
> jail /usr/jail1 jailhost.requiem.digi-data.com 192.168.1.223 /bin/sh /etc/rc
> -
> I HAD this entry in my ipnat.conf but it hangs my connection
> harry@requiem:/home/harry# cat /etc/ipnat.conf
> map rl0 209.94.197.222/32 -> 192.168.1.223/32

your nat mapping doesn't make much sense to me. You might want to map your internal ip
adress(es) to your external one. Which would result in the following ipnat rule:
map rl0 192.168.1.223/32 -> 0.0.0.0/32

cheers,
	tom