Skip site navigation (1)Skip section navigation (2) 
Date:      Wed, 4 Jan 2012 11:35:49 +0100
From:      =?utf-8?Q?Eirik_=C3=98verby?= <ltning@anduin.net>
To:        Andrew Hotlab <andrew.hotlab@hotmail.com>
Cc:        FreeBSD-Jail <freebsd-jail@freebsd.org>
Subject:   Re: jailed process listening on host addresses
Message-ID:  <78A52A88-CE31-4450-BB8D-3D5BC9D20456@anduin.net>
In-Reply-To: <DUB112-DS504AD88D198A4E9DA56ABAF6970@phx.gbl>
References:  <DUB112-DS504AD88D198A4E9DA56ABAF6970@phx.gbl>
next in thread | previous in thread | raw e-mail | index | archive | help 
On 4. jan. 2012, at 02:10, "Andrew Hotlab" <andrew.hotlab@hotmail.com> wrote=
:

> I noticed a strange behavior some days ago, but I can't say how much long i=
t have been happening for. Some processes which are running in different jai=
ls on the same host seems to be listening on all host IPs. Here is an exampl=
e:
>=20
> #sockstat -4l | grep "4   \*:"
> root     mDNSRespon 69801 3  udp4   *:45258               *:*
> root     mDNSRespon 69801 4  udp4   *:5353                *:*
> root     unfsd      69761 3  udp4   *:2049                *:*
> root     unfsd      69761 4  tcp4   *:2049                *:*
> root     rpcbind    69703 7  udp4   *:111                 *:*
> root     rpcbind    69703 8  udp4   *:732                 *:*
> root     rpcbind    69703 9  tcp4   *:111                 *:*
> 921      transmissi 29851 10 udp4   *:*                   *:*
> 931      asterisk   29805 25 udp4   *:*                   *:*
>=20
>=20
> It's happening on several host right now (all are running FreeBSD/amd64 8.=
2-RELEASE-p5), with both UDP and TCP listeners. Any jail is using a single u=
nicast IP address. I really hope to miss something important... or should I g=
uess that these processes are "escaping" from the jails?! :S

Did you try to actually connect to any of those listeners? I see the same he=
re, but I cannot actually connect to the ports on anything but the jail IP..=



> Thank very much for any explanation anyone would be so kind to give me.
>=20
> Andrew
>=20
> _______________________________________________
> freebsd-jail@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-jail
> To unsubscribe, send any mail to "freebsd-jail-unsubscribe@freebsd.org"
>=20

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?78A52A88-CE31-4450-BB8D-3D5BC9D20456>