Skip site navigation (1)Skip section navigation (2)
Date:      Fri, 9 Nov 2012 02:38:34 -0800 (PST)
From:      Beeblebrox <zaphod@berentweb.com>
To:        freebsd-jail@freebsd.org
Subject:   ICMP RAW socket error
Message-ID:  <1352457514352-5759501.post@n5.nabble.com>

next in thread | raw e-mail | index | archive | help
My jail used to work fine but it seems a recent update broke some things. My
kernel/world has INET6 disblad and there are already 2 threads re the error
that setting causes with jails. Now this error - is it a bug or am I missing
something?

My /etc/sysctl.conf has 
security.jail.allow_raw_sockets=1
I even confirm it separately before starting the jail:
# sysctl security.jail.allow_raw_sockets

* I start the jail but isc-dhcpd cannot start: unable to create icmp socket:
Operation not permitted
* I cannot ping from the jail: ping: socket: Operation not permitted
* This error also, but inetd starts: inetd[50866]: madvise() failed:
Operation not permitted

No point in setting up a dhcp debug log, the error is in the network
setting.
/etc/devfs.rules has: add path net unhide,  add path 'net/*' unhide
My system is not exposed to the outside so it does not have pf / nat running
on it.




--
View this message in context: http://freebsd.1045724.n5.nabble.com/ICMP-RAW-socket-error-tp5759501.html
Sent from the freebsd-jail mailing list archive at Nabble.com.



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?1352457514352-5759501.post>