From owner-freebsd-jail@FreeBSD.ORG Wed Aug 6 21:01:21 2008 Return-Path: Delivered-To: freebsd-jail@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 9DCD5106567F for ; Wed, 6 Aug 2008 21:01:21 +0000 (UTC) (envelope-from reddvinylene@gmail.com) Received: from nf-out-0910.google.com (nf-out-0910.google.com [64.233.182.187]) by mx1.freebsd.org (Postfix) with ESMTP id 2A6FC8FC1E for ; Wed, 6 Aug 2008 21:01:20 +0000 (UTC) (envelope-from reddvinylene@gmail.com) Received: by nf-out-0910.google.com with SMTP id h3so81806nfh.33 for ; Wed, 06 Aug 2008 14:01:20 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from:to :subject:in-reply-to:mime-version:content-type :content-transfer-encoding:content-disposition:references; bh=x+XOgVkEkKJMIbQeaQsnwSFVixNoOyM7gA7vefQb/dQ=; b=dnALbj0Xq0GyYu6yww1J649iW99X6ism7FUvxPLg1zdhVu4D+r8nshX1EX855Nj+Xa OWpHiqE9BBdMfB8m7lBHx+LGo8RW2JZ9D1lKO/mdM/xpkocb5tCvRzM9BCF1OCtT/VdY BF9+6mEiOYaoRBBuQCTn/gDp8vyZg0gL2E9+g= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:to:subject:in-reply-to:mime-version :content-type:content-transfer-encoding:content-disposition :references; b=jH4AnUg1rp7Q05uF8x8AsifbmXiQYmWSCX08S/+fcDm+0A5IF94CMgcHxLxPoC5gDM jpDowwvEHJBzCy2OR6HPUwt/TVLKlg5nbLWjEJNSvuo6hsfekiXqN+wh98l2h+hzPzok LLIUR4hqGNQpFD7Y+K+vcjuLejLJ3S3Ny8cYs= Received: by 10.103.212.20 with SMTP id o20mr1762078muq.22.1218056479078; Wed, 06 Aug 2008 14:01:19 -0700 (PDT) Received: by 10.103.199.5 with HTTP; Wed, 6 Aug 2008 14:01:19 -0700 (PDT) Message-ID: Date: Wed, 6 Aug 2008 23:01:19 +0200 From: "Redd Vinylene" To: "Bjoern A. Zeeb" , freebsd-jail@freebsd.org In-Reply-To: MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Content-Disposition: inline References: <20080806201636.J88849@maildrop.int.zabbadoz.net> Cc: Subject: Re: identd on jail with multiple IPs X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 06 Aug 2008 21:01:21 -0000 Could it be a DNS misconfiguration perhaps? On Wed, Aug 6, 2008 at 10:58 PM, Redd Vinylene wrote: > Good evening Bjoern, > > Exactly how do I do a packet trace? I could do a tcpdump -n -e -ttt -i > rl0 but I don't know how to filter out all the noise. > > But actually, identd works just fine here with the jail's first IP, > 66.252.2.4. The problem must be elsewhere. > > When I change the IP to 66.252.2.5, or any other IP besides the first, > I get errors like: > > ERROR Closing Link: 0.0.0.0 (A-banned: [AKILL ID:1212791563K-a] > [exp/idsh] Connections from this netrange are required to respond to > identd requests in order to connect to DALnet. Visit > http://kline.dal.net/exploits/ident.htm for more information. Contact > your provider if identd is not working (2008/08/04 02.07)) > > When connecting to irc.freenode.net though, it defaults back to > 66.252.2.4 no matter what IP I use. > > Maybe I've just twisted some of the basics? > > - > > The host (mother)'s rc.conf http://pastie.org/248762 (you've probably > seen that one before though) > > - > > 66.252.2.4# cat /etc/rc.conf > sshd_enable="YES" > inetd_enable="YES" > linux_enable="YES" > clear_tmp_enable="YES" > update_motd="NO" > > - > > 66.252.2.4# cat /etc/resolv.conf > # Same as the host. Perhaps it should only contain "nameserver 66.252.2.2"? > nameserver 69.65.17.101 > nameserver 69.65.16.102 > > - > > 66.252.2.4# cat /etc/hosts > 127.0.0.1 localhost localhost.fox-host.net > 66.252.2.2 mother.fox-host.net mother > 66.252.2.3 camel.fox-host.net camel > 66.252.2.4 box.fox-host.net box > > - > > 66.252.2.4# uname -a > FreeBSD mother.fox-host.net 7.0-STABLE FreeBSD 7.0-STABLE #3: Sat Aug > 2 18:55:18 CDT 2008 > kalle@mother.fox-host.net:/usr/obj/usr/src/sys/GENERIC i386 > > - > > Maybe you'd be willing to log onto the box yourself and boss it around a little? > > Cheers, > Redd > > On Wed, Aug 6, 2008 at 10:18 PM, Bjoern A. Zeeb > wrote: >> On Wed, 6 Aug 2008, Redd Vinylene wrote: >> >>> I cannot seem to make identd work on a jail with multiple IPs (Bjoern >>> Zeeb's patch): >> >> So do you have any kind of error message? packet traces or anything to >> further isolate the problem rather than "does not work"? >> >> -- >> Bjoern A. Zeeb Stop bit received. Insert coin for new game. >> > > > > -- > http://www.home.no/reddvinylene > -- http://www.home.no/reddvinylene