From owner-freebsd-jail@FreeBSD.ORG Wed Jun 11 00:23:08 2014 Return-Path: Delivered-To: freebsd-jail@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 8123BE16 for ; Wed, 11 Jun 2014 00:23:08 +0000 (UTC) Received: from outbound.mailhostbox.com (outbound.mailhostbox.com [162.222.225.22]) by mx1.freebsd.org (Postfix) with ESMTP id 48E8F23B1 for ; Wed, 11 Jun 2014 00:23:08 +0000 (UTC) Received: from [192.168.1.2] (unknown [109.99.157.72]) (using TLSv1 with cipher DHE-RSA-AES128-SHA (128/128 bits)) (No client certificate requested) (Authenticated sender: s7r@sky-ip.org) by outbound.mailhostbox.com (Postfix) with ESMTPSA id 7E7F3638FC5 for ; Wed, 11 Jun 2014 00:23:08 +0000 (GMT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sky-ip.org; s=20110108; t=1402446189; bh=hTsRc1MwPJDI7tDw+VcjaPVoS2jzkFs3IeDKvJZjTmE=; h=Message-ID:Date:From:Reply-To:MIME-Version:To:Subject:References: In-Reply-To:Content-Type:Content-Transfer-Encoding; b=YSX/rzsxf4YU+kvmiDR7vPFqmXXpkQ98848DQZSwmgihH/cbPsFGgPTw5iNblKby1 itOCsZO+giJozpi/Zqrb40eiu2ycox4j6i0bGRbpnulJ1AkKkgdcjxRnSAZ1mz3G5U ScfBPPDSdoAdLpetKZcYitRhSP+BZFYEvmR2Wow0= Message-ID: <5397A16E.8080504@sky-ip.org> Date: Wed, 11 Jun 2014 03:23:10 +0300 From: "s7r@sky-ip.org" Reply-To: s7r@sky-ip.org User-Agent: Mozilla/5.0 (Windows NT 5.1; rv:24.0) Gecko/20100101 Thunderbird/24.5.0 MIME-Version: 1.0 To: freebsd-jail@freebsd.org Subject: Re: Assign Lookback address 127.0.0.1 to jail References: <53979DA8.60002@sky-ip.org> <5397A0D9.403@freebsd.org> In-Reply-To: <5397A0D9.403@freebsd.org> X-Enigmail-Version: 1.6 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit X-CTCH-RefID: str=0001.0A020203.5397A16B.009B, ss=1, re=0.000, recu=0.000, reip=0.000, cl=1, cld=1, fgs=0 X-CTCH-VOD: Unknown X-CTCH-Spam: Unknown X-CTCH-Score: 0.000 X-CTCH-Rules: X-CTCH-Flags: 0 X-CTCH-ScoreCust: 0.000 X-CTCH-SenderID: s7r@sky-ip.org X-CTCH-SenderID-TotalMessages: 1 X-CTCH-SenderID-TotalSpam: 0 X-CTCH-SenderID-TotalSuspected: 0 X-CTCH-SenderID-TotalBulk: 0 X-CTCH-SenderID-TotalConfirmed: 0 X-CTCH-SenderID-TotalRecipients: 0 X-CTCH-SenderID-TotalVirus: 0 X-CTCH-SenderID-BlueWhiteFlag: 0 X-Scanned-By: MIMEDefang 2.72 on 172.18.214.134 X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 11 Jun 2014 00:23:08 -0000 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 6/11/2014 3:20 AM, Allan Jude wrote: > On 2014-06-10 20:07, s7r@sky-ip.org wrote: >> Hi, >> >> Operating system is FreeBSD 10.0 64 Bit >> >> I have installed ezjail from ports and properly configured a jail >> with its own static and dedicated IP address. Everything works >> good, it's just that I have an application which requires to talk >> to another one via RPC on IP 127.0.0.1, and I have noticed the >> jail does not have a lo0 interface or localhost 127.0.0.1 IP >> address. >> >> This is bad because the application has no choice but to bind to >> the public IP address assigned to the jail, and it's not safe. >> >> How can I add a lo0 interface with IP 127.0.0.1 to a jail? >> >> Thanks in advance. >> _______________________________________________ >> freebsd-jail@freebsd.org mailing list >> http://lists.freebsd.org/mailman/listinfo/freebsd-jail To >> unsubscribe, send any mail to >> "freebsd-jail-unsubscribe@freebsd.org" >> > > Does it have to be 127.0.0.1? You can add an alias like 127.0.0.2 > to the lo0 interface and use that. > > Inside the jail, 127.0.0.1 is mapped to the IP of the jail. > > Using ezjail, you can also allocate more than 1 IP address to a > jail by comma separating them > > You can also make it automatically alias the IPs for you with the > syntax: > > em0|192.168.0.10,lo0|127.0.0.2 etc > > Thank you Allan for your fast reply. I have the jail already created via: # ezjail-admin create How do I modify the already existing jail to have 127.0.0.2, for example, or can't I just have 127.0.0.1 in the jail? - -- s7r PGP Fingerprint: 7C36 9232 5ABD FB0B 3021 03F1 837F A52C 8126 5B11 PGP Pubkey: http://www.sky-ip.org/s7r@sky-ip.org.asc -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.17 (MingW32) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iQEcBAEBAgAGBQJTl6FtAAoJEIN/pSyBJlsRV9MIAJtCIdKxWlHmtRPfiv7lUzoV U8NrQ0S7qPjlhQyvHha3gqid1MIm7gUHAHMcdpV++QSlk8P6PuOHNVTfthVq2hhV l9vIyFS7/e60a0QLOdtay9z9u4tyb2VFGa7uNewj8RSzmi9Yj0QeLvYZRMhk7SbG DEeb4k8+7etKvjHyv4OwF1dqrnOIgNMxsmhF3wxKLieahNFJWIJBzgRXIYZJTuwj 5LbwV9CYakVWlYdNNHh5gc9MkSvdC93MeUFXRjtsdFiHnda+kmDTwGhtXoI+NIZJ zpfQLAQZv8j7awkQnxpgiTNGfJ3NyZaMRGZZsLp007uiA1JahDggXIt6l0g1fqI= =LY3I -----END PGP SIGNATURE-----