From owner-freebsd-net@FreeBSD.ORG Sat Dec 16 09:40:08 2006 Return-Path: X-Original-To: freebsd-net@freebsd.org Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id F121316A40F for ; Sat, 16 Dec 2006 09:40:07 +0000 (UTC) (envelope-from gergely.czuczy@harmless.hu) Received: from marvin.harmless.hu (marvin.harmless.hu [195.56.55.204]) by mx1.FreeBSD.org (Postfix) with ESMTP id E359A43CA0 for ; Sat, 16 Dec 2006 09:40:06 +0000 (GMT) (envelope-from gergely.czuczy@harmless.hu) Received: from localhost (marvin-mail [192.168.0.2]) by marvin.harmless.hu (Postfix) with ESMTP id B72BF7BFF14 for ; Sat, 16 Dec 2006 10:40:05 +0100 (CET) X-Virus-Scanned: by amavisd-new-2.4.2 (20060627) (Debian) at harmless.hu Received: from marvin.harmless.hu ([192.168.0.2]) by localhost (marvin.harmless.hu [192.168.0.2]) (amavisd-new, port 10024) with ESMTP id l-93rCvD-XH7 for ; Sat, 16 Dec 2006 10:40:04 +0100 (CET) Received: from marvin.harmless.hu (localhost [127.0.0.1]) by marvin.harmless.hu (Postfix) with ESMTP id D0DA57BFF11 for ; Sat, 16 Dec 2006 10:40:04 +0100 (CET) Date: Sat, 16 Dec 2006 10:40:04 +0100 From: Gergely CZUCZY To: freebsd-net@freebsd.org Message-ID: <20061216094004.GA24480@harmless.hu> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=x-unknown; protocol="application/pgp-signature"; boundary="lrZ03NoBR/3+SXJZ" Content-Disposition: inline User-Agent: mutt-ng/devel-r804 (FreeBSD) Subject: jail addresses and default bindings X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 16 Dec 2006 09:40:08 -0000 --lrZ03NoBR/3+SXJZ Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable hello today i've meet a behaviour, that can be an issue. i have an lo1 interface with 7 jail addresses as 192.168.0.0/24, where jails have addresses =66rom .1-.7 and there is an address for the host system, that's .14 whenever i try to connect to a port of a jail from the host system, the kernel automaticly assigns the jail's IP address as the source address to the socket. I'd assume that this is not a so welcomed behaviour, because this way it's hard to distingvish in a packet filter(let's say pf), among connections originating from within the jail itself or =66rom the host system to the jail. my question is, are there any work in progress around this? if it's going to be reviewed/fixed/etc, when will it going to happen, and into which stable/release branch is it planned? Bye, Gergely Czuczy mailto: gergely.czuczy@harmless.hu --=20 Weenies test. Geniuses solve problems that arise. --lrZ03NoBR/3+SXJZ Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (FreeBSD) owFNVE9r3FYQd5yYwGt7CKTkOjf3z0reXW/Xmw3GpaljcjENNeTg01tpJL1Yek95 M9q1fHWhPRRaCj31kE8QMDS3Qj5CP0BvyTcIlJwzT+vdFhahHf008/szT79+cnNj 887fV69Ov/z5tz9uvLy1PfuiaphtHlXaz42NBv3+IBqORpN+tBvtjSbjyW7y1WA2 HO7p3cPL1/8+dJbRcnTS1jgFxnPeqUtt7ANICu0Jeb/hLJqoFe5bQ7Ujw8bZKRhb GovrZydeW8rQR4c2camx+RSeN44xjWpvLOtZiUoVWJZOKXapbsFszxEqRAYNMyz0 3LjG94ALzZBoKzWQqyFqMFYGBNAVSjeQ2Yw+0wnCwnABe/BMmxJ0mnokQlKaYHB/ GA/Gk7gf93eGox4sCvTY4ei61Rq9Px57V0E8iOI9mZAKhYA1FMZdwyBzPtShcMSK WmKslly3Sd4cKSUDLM7RgwH2LbCDxFmLCYdbDbXzDC6Tu45rFiZKPxX6wX/9EM7Q WxQxDbtKs0nKFjSRyS11+PC2jHz83ZqZ7h4AiXvJWlYYuqwmZ8ixUo+309CnqXDp MBeiT37WBf/JwQLLxFWY/j+LGSa6IVQdeBEyC3JlN9LQPzXEEvTcUCGJBI06DIPM lBLPZyUGMMlbdfZ5T+nK2XzliWwQgfMmN1aHHks/QpjSKPDuTDJMWGaCW0W0CuDa sJXIABaJVSsrhxSai7IeaI/XUWrbwsL5s0Cz9i5f+uZd04Vt6ECZbKktd4GN9JXt 8zg3uMB0JzPnckVOujWywrMM5NZgVei6Rtvrlkd2U8wsTFIAdWu/47FETQgzOSJS Db4zyEETJ9IDpb5psafUEfocJeuHF01y0apKJLGbQr4sx0lX/lqsr0ohHxeNUlG0 P+yrp4jWoAQuymM4kj+SmPjuSllyESsMKlpmrr0hOUs/Hdzc2gjnf/XtuLP5z6ON F8c/nF69m356//LH2wfv+fe/7n386s3Gi8M/j19/lP7yZLKbHY/Pv3+7dfzs7gc= =aIq7 -----END PGP SIGNATURE----- --lrZ03NoBR/3+SXJZ--