Message-ID: <4F0413B1.3040308@gmx.com>
Date: Wed, 04 Jan 2012 10:54:09 +0200
From: Nikos Vassiliadis
To: Andrew Hotlab
Cc: FreeBSD-Jail
Subject: Re: jailed process listening on host addresses

On 1/4/2012 3:10 AM, Andrew Hotlab wrote:
> I noticed a strange behavior some days ago, but I can't say how
> long it has been happening for. Some processes which are running in
> different jails on the same host seem to be listening on all host IPs.
> Here is an example:
>
> #sockstat -4l | grep "4 \*:"
> root     mDNSRespon 69801 3  udp4   *:45258               *:*
> root     mDNSRespon 69801 4  udp4   *:5353                *:*
> root     unfsd      69761 3  udp4   *:2049                *:*
> root     unfsd      69761 4  tcp4   *:2049                *:*
> root     rpcbind    69703 7  udp4   *:111                 *:*
> root     rpcbind    69703 8  udp4   *:732                 *:*
> root     rpcbind    69703 9  tcp4   *:111                 *:*
> 921      transmissi 29851 10 udp4   *:*                   *:*
> 931      asterisk   29805 25 udp4   *:*                   *:*
>
>
> It's happening on several hosts right now (all are running FreeBSD/amd64
> 8.2-RELEASE-p5), with both UDP and TCP listeners. Any jail is using a
> single unicast IP address. I really hope to miss something important...
> or should I guess that these processes are "escaping" from the jails?! :S
>
> Thank you very much for any explanation anyone would be so kind to give me.

Could you share more about your setup? ifconfig, jls, ps in the jail,
commands given to create the jail...

I tried to reproduce the problem on an amd64 8.2-RELEASE, without success.

> callisto# ifconfig em0
> em0: flags=8843 metric 0 mtu 1500
>         options=9b
>         ether 08:00:27:a0:7a:90
>         inet 192.168.73.194 netmask 0xffffff00 broadcast 192.168.73.255
>         inet 192.168.73.128 netmask 0xffffff00 broadcast 192.168.73.255
>         media: Ethernet autoselect (1000baseT )
>         status: active
> callisto# jail -c name=test persist ip4.addr=192.168.73.128
> callisto# jls
>    JID  IP Address      Hostname                      Path
>      2  192.168.73.128                                /
> callisto# jexec test nc -lu 20000 &
> [1] 1130
> callisto# sockstat -4l
> USER     COMMAND    PID   FD PROTO  LOCAL ADDRESS         FOREIGN ADDRESS
> root     nc         1130  3  udp4   192.168.73.128:20000  *:*
> root     sendmail   857   4  tcp4   127.0.0.1:25          *:*
> root     sshd       849   4  tcp4   *:22                  *:*
> root     syslogd    561   7  udp4   *:514                 *:*

Nikos
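
The check discussed in this message, as an added example that is not part of the original mail or of FreeBSD: a shell function that joins `sockstat -4l` output with `ps -axo pid,jid` output and lists the wildcard-bound listeners owned by jailed processes. The function name and the PID-to-JID mapping in the sample are assumptions made for illustration; the sockstat rows are copied from the thread.

```shell
#!/bin/sh
# Added example: report wildcard-bound IPv4 listeners that belong to jailed
# processes, by joining sockstat output with a PID -> JID table from ps.

# Constructed sample: sockstat rows copied from the two listings in the thread.
SAMPLE_SOCKSTAT='USER     COMMAND    PID   FD PROTO  LOCAL ADDRESS         FOREIGN ADDRESS
root     mDNSRespon 69801 4  udp4   *:5353                *:*
root     unfsd      69761 4  tcp4   *:2049                *:*
root     nc         1130  3  udp4   192.168.73.128:20000  *:*
root     sshd       849   4  tcp4   *:22                  *:*'

# Constructed sample: this PID -> JID mapping is an assumption (the thread
# never shows it). JID 0 means the process runs on the host, not in a jail.
SAMPLE_PS=' PID JID
69801   3
69761   4
 1130   2
  849   0'

# jailed_wildcards SOCKSTAT_TEXT PS_TEXT   (hypothetical helper name)
# Prints "jid pid command proto local" for every listener whose local
# address is a wildcard (*:port or *:*) and whose owner has a non-zero JID.
jailed_wildcards() {
    { printf '%s\n' "$2"; echo '--'; printf '%s\n' "$1"; } | awk '
        $0 == "--" { in_sock = 1; next }          # separator: ps part is done
        !in_sock   { if ($1 ~ /^[0-9]+$/) jid[$1] = $2; next }
        $3 !~ /^[0-9]+$/ { next }                 # skip the sockstat header
        $6 ~ /^\*:/ && ($3 in jid) && jid[$3] + 0 != 0 {
            print jid[$3], $3, $2, $5, $6
        }'
}

# On a live FreeBSD host:
#   jailed_wildcards "$(sockstat -4l)" "$(ps -axo pid,jid)"
jailed_wildcards "$SAMPLE_SOCKSTAT" "$SAMPLE_PS"
```

A row in the output only identifies which jail owns a wildcard-bound socket; it does not test whether the socket is reachable on the host's other addresses.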