From owner-freebsd-questions@FreeBSD.ORG Tue Aug 20 07:27:27 2013 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTP id 49D81278 for ; Tue, 20 Aug 2013 07:27:27 +0000 (UTC) (envelope-from freebsd@qeng-ho.org) Received: from blue.qeng-ho.org (blue.qeng-ho.org [217.155.128.241]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id D5AD328C0 for ; Tue, 20 Aug 2013 07:27:26 +0000 (UTC) Received: from fileserver.home.qeng-ho.org (localhost [127.0.0.1]) by fileserver.home.qeng-ho.org (8.14.5/8.14.5) with ESMTP id r7K7RHHc071022; Tue, 20 Aug 2013 08:27:17 +0100 (BST) (envelope-from freebsd@qeng-ho.org) Message-ID: <52131A55.2040400@qeng-ho.org> Date: Tue, 20 Aug 2013 08:27:17 +0100 From: Arthur Chance User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:17.0) Gecko/20130810 Thunderbird/17.0.8 MIME-Version: 1.0 To: Karl Pielorz Subject: Re: jail.conf ignoring exec.fib? References: <98486B2D79D00F0898B7C9E6@Mail-PC.tdx.co.uk> <520B7F0F.7020006@a1poweruser.com> <1960A5B02323B4982B4C0320@Mail-PC.tdx.co.uk> <520FA592.7010305@qeng-ho.org> In-Reply-To: Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit Cc: freebsd-questions@freebsd.org X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 20 Aug 2013 07:27:27 -0000 On 19/08/2013 21:02, Karl Pielorz wrote: > > > --On 17 August 2013 17:32:18 +0100 Arthur Chance > wrote: > >> What do you get in the jail from >> >> sysctl net.fibs >> sysctl net.my_fibnum >> >> ? > > I didn't know those sysctl's existed :) I only stumbled on them by doing sysctl -a | grep fib It's often surprising what you find that way. > If I fire up the jail, and jexec > to it, and run the above - I get: > > " > root@jail:/ # sysctl net.fibs > net.fibs: 4 > root@jail:/ # sysctl net.my_fibnum > net.my_fibnum: 0 > " > > (I have 'ROUTETABLES=4' in the Kernel, so the 4 above is correct). > > > That's for a jail which has: > > " > jail { > jid = 100; > exec.fib = "1"; > ... > " > > In /etc/jail.conf > > So, on the surface it looks like 'exec.fib' is being ignored :( I tried > it without quotes as well, to no avail. In the source the exec.fib parameter is given as an integer, so the quotes probably shouldn't be there, but I'm not sure whether it matters. There's definitely a setfib call in the source that's done if exec.fib exists. All I can think of right now is that you try firing up the jail using the -v verbose flag. This should show everything the jail command does as the jail is created. -- In the dungeons of Mordor, Sauron bred Orcs with LOLcats to create a new race of servants. Called Uruk-Oh-Hai in the Black Speech, they were cruel and delighted in torturing spelling and grammar. _Lord of the Rings 2.0, the Web Edition_