From owner-freebsd-jail@FreeBSD.ORG Wed Jun 11 01:19:11 2014 Return-Path: Delivered-To: freebsd-jail@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id F197034F for ; Wed, 11 Jun 2014 01:19:10 +0000 (UTC) Received: from outbound.mailhostbox.com (outbound.mailhostbox.com [162.222.225.22]) by mx1.freebsd.org (Postfix) with ESMTP id B8B2C2743 for ; Wed, 11 Jun 2014 01:19:10 +0000 (UTC) Received: from [192.168.1.2] (unknown [109.99.157.72]) (using TLSv1 with cipher DHE-RSA-AES128-SHA (128/128 bits)) (No client certificate requested) (Authenticated sender: s7r@sky-ip.org) by outbound.mailhostbox.com (Postfix) with ESMTPSA id 0627863978E for ; Wed, 11 Jun 2014 01:19:09 +0000 (GMT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sky-ip.org; s=20110108; t=1402449551; bh=g63zktm3Vt9OeBYi4tfkmOMbX4U5YeS0rhFSprMfvFY=; h=Message-ID:Date:From:Reply-To:MIME-Version:To:Subject:References: In-Reply-To:Content-Type:Content-Transfer-Encoding; b=fXTErusD8Syj3VAuc8GCT1jzyZWfROMbb+EWfe3ypWYy4unThl934ltoThqfbbmQP b5Uvn1br2CvPJtaamwc/BScUHJibR27U5ty0wF429Y+/97bEdWipLs7jZiMeJIDwBG 4Meci9Dl4M2/qrkvuciJvL16+ciT/AQfvtrTneSs= Message-ID: <5397AE8F.8020000@sky-ip.org> Date: Wed, 11 Jun 2014 04:19:11 +0300 From: "s7r@sky-ip.org" Reply-To: s7r@sky-ip.org User-Agent: Mozilla/5.0 (Windows NT 5.1; rv:24.0) Gecko/20100101 Thunderbird/24.5.0 MIME-Version: 1.0 To: freebsd-jail@freebsd.org Subject: Re: Assign Lookback address 127.0.0.1 to jail References: <53979DA8.60002@sky-ip.org> <5397A0D9.403@freebsd.org> <5397A16E.8080504@sky-ip.org> <5397A2C3.1090109@freebsd.org> In-Reply-To: <5397A2C3.1090109@freebsd.org> Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit X-CTCH-RefID: str=0001.0A020206.5397AE8D.00A2, ss=1, re=0.000, recu=0.000, reip=0.000, cl=1, cld=1, fgs=0 X-CTCH-VOD: Unknown X-CTCH-Spam: Unknown X-CTCH-Score: 0.000 X-CTCH-Rules: X-CTCH-Flags: 0 X-CTCH-ScoreCust: 0.000 X-CTCH-SenderID: s7r@sky-ip.org X-CTCH-SenderID-TotalMessages: 1 X-CTCH-SenderID-TotalSpam: 0 X-CTCH-SenderID-TotalSuspected: 0 X-CTCH-SenderID-TotalBulk: 0 X-CTCH-SenderID-TotalConfirmed: 0 X-CTCH-SenderID-TotalRecipients: 0 X-CTCH-SenderID-TotalVirus: 0 X-CTCH-SenderID-BlueWhiteFlag: 0 X-Scanned-By: MIMEDefang 2.72 on 172.18.214.134 X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 11 Jun 2014 01:19:11 -0000 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 6/11/2014 3:28 AM, Allan Jude wrote: > On 2014-06-10 20:23, s7r@sky-ip.org wrote: >> On 6/11/2014 3:20 AM, Allan Jude wrote: >>> On 2014-06-10 20:07, s7r@sky-ip.org wrote: >>>> Hi, >>>> >>>> Operating system is FreeBSD 10.0 64 Bit >>>> >>>> I have installed ezjail from ports and properly configured a >>>> jail with its own static and dedicated IP address. Everything >>>> works good, it's just that I have an application which >>>> requires to talk to another one via RPC on IP 127.0.0.1, and >>>> I have noticed the jail does not have a lo0 interface or >>>> localhost 127.0.0.1 IP address. >>>> >>>> This is bad because the application has no choice but to bind >>>> to the public IP address assigned to the jail, and it's not >>>> safe. >>>> >>>> How can I add a lo0 interface with IP 127.0.0.1 to a jail? >>>> >>>> Thanks in advance. >>>> _______________________________________________ >>>> freebsd-jail@freebsd.org mailing list >>>> http://lists.freebsd.org/mailman/listinfo/freebsd-jail To >>>> unsubscribe, send any mail to >>>> "freebsd-jail-unsubscribe@freebsd.org" >>>> >> >>> Does it have to be 127.0.0.1? You can add an alias like >>> 127.0.0.2 to the lo0 interface and use that. >> >>> Inside the jail, 127.0.0.1 is mapped to the IP of the jail. >> >>> Using ezjail, you can also allocate more than 1 IP address to >>> a jail by comma separating them >> >>> You can also make it automatically alias the IPs for you with >>> the syntax: >> >>> em0|192.168.0.10,lo0|127.0.0.2 etc >> >> >> >> Thank you Allan for your fast reply. >> >> I have the jail already created via: # ezjail-admin create >> >> >> How do I modify the already existing jail to have 127.0.0.2, for >> example, or can't I just have 127.0.0.1 in the jail? >> >> _______________________________________________ >> freebsd-jail@freebsd.org mailing list >> http://lists.freebsd.org/mailman/listinfo/freebsd-jail To >> unsubscribe, send any mail to >> "freebsd-jail-unsubscribe@freebsd.org" >> > > Stop the jail, and then edit /usr/local/etc/ezjail/jail_name > > and change the line that defines the IPs > Thank you it works, with 127.0.0.2 If I try to add 127.0.0.1 will this create any conflicts with the host or will it work? Because i have something important listening on hosts's 127.0.0.1 and don't want to mess up. I would need the same configuration within the jail also, so that's why I need the .1 localhost IP. - -- s7r PGP Fingerprint: 7C36 9232 5ABD FB0B 3021 03F1 837F A52C 8126 5B11 PGP Pubkey: http://www.sky-ip.org/s7r@sky-ip.org.asc -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.17 (MingW32) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iQEcBAEBAgAGBQJTl66PAAoJEIN/pSyBJlsR3kQIAMONQ/3FrX9tQBbdJRc7N3eP a/fIOnBYWZCu7ad0DF2NXfOIzfrQBuKCGhm3CLQmzVGw0k/fdD/Yu/U9/kdjgI/n A/ZELHZmowQPfao8tK6eSqeOmw6gNzhCth5ILfH0CJvvarjBXUi7ygHhwzB1U97n sqJzKv8cDAVf67Sd3YbNNa2FoXdM32esEpsjnB8dJEF9ijzv54ovXdREYZhgkibX IN1XcsfUGLdtZDL14+JXlTOaBDk9WgUuoEcsWeAZtM8VVaTiN/QqYbywf598hxLN 5G3AyyfUrLAq4z2RjnzZ2SGAIqv42CyE4MSf3Sft/fFNRExxiq3xAoWmwaTqRnk= =3gqI -----END PGP SIGNATURE-----