Date: Sat, 16 Dec 2006 10:40:04 +0100 From: Gergely CZUCZY <phoemix@harmless.hu> To: freebsd-net@freebsd.org Subject: jail addresses and default bindings Message-ID: <20061216094004.GA24480@harmless.hu>
next in thread | raw e-mail | index | archive | help
--lrZ03NoBR/3+SXJZ Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable hello today i've meet a behaviour, that can be an issue. i have an lo1 interface with 7 jail addresses as 192.168.0.0/24, where jails have addresses =66rom .1-.7 and there is an address for the host system, that's .14 whenever i try to connect to a port of a jail from the host system, the kernel automaticly assigns the jail's IP address as the source address to the socket. I'd assume that this is not a so welcomed behaviour, because this way it's hard to distingvish in a packet filter(let's say pf), among connections originating from within the jail itself or =66rom the host system to the jail. my question is, are there any work in progress around this? if it's going to be reviewed/fixed/etc, when will it going to happen, and into which stable/release branch is it planned? Bye, Gergely Czuczy mailto: gergely.czuczy@harmless.hu --=20 Weenies test. Geniuses solve problems that arise. --lrZ03NoBR/3+SXJZ Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (FreeBSD) owFNVE9r3FYQd5yYwGt7CKTkOjf3z0reXW/Xmw3GpaljcjENNeTg01tpJL1Yek95 M9q1fHWhPRRaCj31kE8QMDS3Qj5CP0BvyTcIlJwzT+vdFhahHf008/szT79+cnNj 887fV69Ov/z5tz9uvLy1PfuiaphtHlXaz42NBv3+IBqORpN+tBvtjSbjyW7y1WA2 HO7p3cPL1/8+dJbRcnTS1jgFxnPeqUtt7ANICu0Jeb/hLJqoFe5bQ7Ujw8bZKRhb GovrZydeW8rQR4c2camx+RSeN44xjWpvLOtZiUoVWJZOKXapbsFszxEqRAYNMyz0 3LjG94ALzZBoKzWQqyFqMFYGBNAVSjeQ2Yw+0wnCwnABe/BMmxJ0mnokQlKaYHB/ GA/Gk7gf93eGox4sCvTY4ei61Rq9Px57V0E8iOI9mZAKhYA1FMZdwyBzPtShcMSK WmKslly3Sd4cKSUDLM7RgwH2LbCDxFmLCYdbDbXzDC6Tu45rFiZKPxX6wX/9EM7Q WxQxDbtKs0nKFjSRyS11+PC2jHz83ZqZ7h4AiXvJWlYYuqwmZ8ixUo+309CnqXDp MBeiT37WBf/JwQLLxFWY/j+LGSa6IVQdeBEyC3JlN9LQPzXEEvTcUCGJBI06DIPM lBLPZyUGMMlbdfZ5T+nK2XzliWwQgfMmN1aHHks/QpjSKPDuTDJMWGaCW0W0CuDa sJXIABaJVSsrhxSai7IeaI/XUWrbwsL5s0Cz9i5f+uZd04Vt6ECZbKktd4GN9JXt 8zg3uMB0JzPnckVOujWywrMM5NZgVei6Rtvrlkd2U8wsTFIAdWu/47FETQgzOSJS Db4zyEETJ9IDpb5psafUEfocJeuHF01y0apKJLGbQr4sx0lX/lqsr0ohHxeNUlG0 P+yrp4jWoAQuymM4kj+SmPjuSllyESsMKlpmrr0hOUs/Hdzc2gjnf/XtuLP5z6ON F8c/nF69m356//LH2wfv+fe/7n386s3Gi8M/j19/lP7yZLKbHY/Pv3+7dfzs7gc= =aIq7 -----END PGP SIGNATURE----- --lrZ03NoBR/3+SXJZ--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20061216094004.GA24480>