Date: Tue, 5 Aug 2003 18:58:08 +0300 From: "stakys" <stakys@punktas.lt> To: <hnunez@vianetworks.com.ar>, <freebsd-security@freebsd.org> Subject: Re: Problems with JAIL in 4.8R Message-ID: <01ea01c35b6a$5d67a380$0900a8c0@ss> References: <53210.81.7.109.95.1060089623.squirrel@mail.impress.lt><200308051631.52531.cox@rosnet.ru><00f701c35b57$cf704670$0900a8c0@ss><02be01c35b60$948136b0$330c3dc8@ms.vianetworks.net.ar><01bc01c35b68$14ebf400$0900a8c0@ss> <041101c35b69$0eb9b0d0$330c3dc8@ms.vianetworks.net.ar>
next in thread | previous in thread | raw e-mail | index | archive | help
I've set in my resolv.conf the same nameservers as in main system, and in jailed system /etc/hosts file i've set this: JAILED_OUTSIDE_IP clnt.xxx.com clnt Also file hosts.allow i do not use. ----- Original Message ----- From: "Hernan Nunez" <hnunez@vianetworks.com.ar> To: "stakys" <stakys@punktas.lt>; <freebsd-security@freebsd.org> Sent: Tuesday, August 05, 2003 6:48 PM Subject: Re: Problems with JAIL in 4.8R > Do you have configured your /etc/resolv.conf and /etc/hosts ?? > Do you use /etc/hosts.allow ?? > > ----- Original Message ----- > From: "stakys" <stakys@punktas.lt> > To: <hnunez@vianetworks.com.ar>; <freebsd-security@freebsd.org> > Sent: Tuesday, August 05, 2003 12:41 PM > Subject: Re: Problems with JAIL in 4.8R > > > > I've tried in debug mode but do not gives any error when i get the > timeout, > > also my netmask set as you said. Any ideas how to solve it? > > ----- Original Message ----- > > From: "Hernan Nunez" <hnunez@vianetworks.com.ar> > > To: <freebsd-security@freebsd.org> > > Sent: Tuesday, August 05, 2003 5:48 PM > > Subject: Re: Problems with JAIL in 4.8R > > > > > > > Try using sshd in debug mode [SSHD(8)]. Inside the jail run sshd -ddd, > > > setting up ListenAddress jail.ip.addr in your sshd_config .,., > > > > > > Tip: > > > If you are using , in your jail, an ip addr (alias address) from the > same > > > network than outside you must use a host mask 255.255.255.255 in your > > alias > > > addrs.,., > > > > > > Hernan > > > > > > > > > ----- Original Message ----- > > > From: "stakys" <stakys@punktas.lt> > > > To: "Konstantin M Volevatch" <cox@rosnet.ru>; > > <freebsd-security@freebsd.org> > > > Sent: Tuesday, August 05, 2003 10:45 AM > > > Subject: Re: Problems with JAIL in 4.8R > > > > > > > > > > Didn't help. Any more suggesstions about solving this problem? > > > > ----- Original Message ----- > > > > From: "Konstantin M Volevatch" <cox@rosnet.ru> > > > > To: <stakys@punktas.lt>; <freebsd-security@freebsd.org> > > > > Sent: Tuesday, August 05, 2003 3:31 PM > > > > Subject: Re: Problems with JAIL in 4.8R > > > > > > > > > > > > > Try this: > > > > > ipfw add 52 allow ip from any to me via rl0 > > > > > > > > > > В сообщении от 5 Август 2003 17:20 stakys@punktas.lt написал: > > > > > > On Tue, Aug 05, 2003 at 12:56:36PM -0000, stakys@punktas.lt wrote: > > > > > > > Hi, i've set the outside ip for the jail..It works.. When i try > to > > > ssh > > > > to > > > > > > > jail'ed system from the main system (in which is created jail) > the > > > > > > > connection is successful, but when i try to connect to jailed > > system > > > > from > > > > > > > anywhere else i get this message: > > > > > > > ssh: connect to host IP_NUMBER port 22: Operation timed out > > > > > > > What can be wrong here? How to solve this problem? > > > > > > > > > > > > > >>Are you running some sort of firewall on the main system? You > > might > > > > > > >>have to add additional rules allowing SSH into the jailed one... > > > > > > >> > > > > > > >>G'luck, > > > > > > >>Peter > > > > > > > > > > > > I'm running IPFW but i put such a lines to ipfw.rules to be sure > > that > > > > it's > > > > > > not firewall's fault, about connecting to jail'ed system from > > outside. > > > > > > Here are the lines: > > > > > > ipfw add 50 allow ip from any to any via lo0 > > > > > > ipfw add 51 allow ip from any to any via rl0 > > > > > > _______________________________________________ > > > > > > freebsd-security@freebsd.org mailing list > > > > > > http://lists.freebsd.org/mailman/listinfo/freebsd-security > > > > > > To unsubscribe, send any mail to > > > > "freebsd-security-unsubscribe@freebsd.org" > > > > > > > > > > -- > > > > > Konstantin M. Volevatch <cox@rosnet.ru> > > > > > Internet Service Division, RosNet JSC, Moscow > > > > > (095) 7813332 [local:4341] > > > > > > > > > > > > > _______________________________________________ > > > > freebsd-security@freebsd.org mailing list > > > > http://lists.freebsd.org/mailman/listinfo/freebsd-security > > > > To unsubscribe, send any mail to > > > "freebsd-security-unsubscribe@freebsd.org" > > > > > > > > > > _______________________________________________ > > > freebsd-security@freebsd.org mailing list > > > http://lists.freebsd.org/mailman/listinfo/freebsd-security > > > To unsubscribe, send any mail to > > "freebsd-security-unsubscribe@freebsd.org" > > > > _______________________________________________ > freebsd-security@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-security > To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?01ea01c35b6a$5d67a380$0900a8c0>