Skip site navigation (1)Skip section navigation (2) 
Date:      Fri, 01 Dec 2006 13:00:02 +0300
From:      Oleg Dambaev <perl@ipchains.ru>
To:        "Eldar T. Zaitov" <eldar@tusur.ru>
Cc:        freebsd-hackers@freebsd.org
Subject:   Re: jail2 patchset 14
Message-ID:  <456FFD22.3050809@ipchains.ru>
In-Reply-To: <456FF73B.8020305@tusur.ru>
References:  200609181750.58145.jhb@freebsd.org <456FF73B.8020305@tusur.ru>
next in thread | previous in thread | raw e-mail | index | archive | help 
Eldar T. Zaitov wrote:
> Have tried Jail2 patchset #14 on 6.2-PRERELEASE, everything compiles and
> works ok, but resolve.
> gethostbyname always returns NULL, but host/dig works ok.
> here's an example:
>
> virtual# host mail.ru
> mail.ru has address 194.67.57.26
> mail.ru mail is handled by 10 mxs.mail.ru.
> virtual# ping mail.ru
> ping: cannot resolve mail.ru: Host name lookup failure
>
> here is some truss output of 'ping mail.ru':
> kqueue()                                         = 4 (0x4)
> socket(PF_INET,SOCK_DGRAM,0)                     = 5 (0x5)
> connect(5,{ AF_INET ***.62.171.***:53 },16)       ERR#22 'Invalid argument'
> close(5)                                         = 0 (0x0)
> socket(PF_INET,SOCK_DGRAM,0)                     = 5 (0x5)
> connect(5,{ AF_INET ***.62.171.***:53 },16)       ERR#22 'Invalid argument'
> close(5)                                         = 0 (0x0)
> close(4)                                         = 0 (0x0)
>
> where
> ***.62.171.***:53 is nameserver;
> ***  is masked ip nodes;
>
> may be I've forgotten something?
> thank you.
Hope this would help you:
sysctl security.jail.allow_raw_sockets=1

man 8 jail

GL

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?456FFD22.3050809>