From owner-freebsd-hackers@FreeBSD.ORG  Fri Dec  1 10:01:59 2006
Return-Path: <owner-freebsd-hackers@FreeBSD.ORG>
X-Original-To: freebsd-hackers@freebsd.org
Delivered-To: freebsd-hackers@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [69.147.83.52])
	by hub.freebsd.org (Postfix) with ESMTP id 4A5AA16A403
	for <freebsd-hackers@freebsd.org>; Fri,  1 Dec 2006 10:01:59 +0000 (UTC)
	(envelope-from perl@ipchains.ru)
Received: from hermes.hw.ru (hermes.hw.ru [80.68.240.91])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 6DD4443CA2
	for <freebsd-hackers@freebsd.org>; Fri,  1 Dec 2006 10:01:45 +0000 (GMT)
	(envelope-from perl@ipchains.ru)
Received: from [80.68.244.38] (account odambaev@rbc.ru [80.68.244.38] verified)
	by hermes.hw.ru (CommuniGate Pro SMTP 5.0.10)
	with ESMTPA id 148743174; Fri, 01 Dec 2006 13:01:55 +0300
Message-ID: <456FFD22.3050809@ipchains.ru>
Date: Fri, 01 Dec 2006 13:00:02 +0300
From: Oleg Dambaev <perl@ipchains.ru>
User-Agent: Thunderbird 1.5.0.5 (X11/20060831)
MIME-Version: 1.0
To: "Eldar T. Zaitov" <eldar@tusur.ru>
References: 200609181750.58145.jhb@freebsd.org <456FF73B.8020305@tusur.ru>
In-Reply-To: <456FF73B.8020305@tusur.ru>
Content-Type: text/plain; charset=KOI8-R; format=flowed
Content-Transfer-Encoding: 7bit
X-Mailman-Approved-At: Fri, 01 Dec 2006 12:45:18 +0000
Cc: freebsd-hackers@freebsd.org
Subject: Re: jail2 patchset 14
X-BeenThere: freebsd-hackers@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Technical Discussions relating to FreeBSD
	<freebsd-hackers.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-hackers>, 
	<mailto:freebsd-hackers-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-hackers>
List-Post: <mailto:freebsd-hackers@freebsd.org>
List-Help: <mailto:freebsd-hackers-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-hackers>,
	<mailto:freebsd-hackers-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 01 Dec 2006 10:01:59 -0000

Eldar T. Zaitov wrote:
> Have tried Jail2 patchset #14 on 6.2-PRERELEASE, everything compiles and
> works ok, but resolve.
> gethostbyname always returns NULL, but host/dig works ok.
> here's an example:
>
> virtual# host mail.ru
> mail.ru has address 194.67.57.26
> mail.ru mail is handled by 10 mxs.mail.ru.
> virtual# ping mail.ru
> ping: cannot resolve mail.ru: Host name lookup failure
>
> here is some truss output of 'ping mail.ru':
> kqueue()                                         = 4 (0x4)
> socket(PF_INET,SOCK_DGRAM,0)                     = 5 (0x5)
> connect(5,{ AF_INET ***.62.171.***:53 },16)       ERR#22 'Invalid argument'
> close(5)                                         = 0 (0x0)
> socket(PF_INET,SOCK_DGRAM,0)                     = 5 (0x5)
> connect(5,{ AF_INET ***.62.171.***:53 },16)       ERR#22 'Invalid argument'
> close(5)                                         = 0 (0x0)
> close(4)                                         = 0 (0x0)
>
> where
> ***.62.171.***:53 is nameserver;
> ***  is masked ip nodes;
>
> may be I've forgotten something?
> thank you.
Hope this would help you:
sysctl security.jail.allow_raw_sockets=1

man 8 jail

GL