Date: Wed, 8 Feb 2006 14:21:51 +0100 (CET) From: Oliver Fromme <olli@lurza.secnetix.de> To: freebsd-stable@FreeBSD.ORG Subject: Re: OpenVPN within a Jail under 6.x ... Message-ID: <200602081321.k18DLpjo061917@lurza.secnetix.de> In-Reply-To: <20060207225936.O3207@ganymede.hub.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Marc G. Fournier <scrappy@hub.org> wrote: > Is this possible? I'm reading through the man pages for openvpn, and > doubt that it is with 4.x, since it requires access to /dev, but with 6.x > using devfs to mount dev into the jail, is it possible to set it up? The problem isn't related to /dev. It doesn't matter whether your device nodes come from devfs (FreeBSD 6) or have been created manually with MAKEDEV (FreeBSD 4), both of which can be used for jails. The problem is that you need to configure interfaces (tun(4) or tap(4)) to set up the VPN, but ifconfig(8) does not work inside a jail. That means you cannot set up a VPN inside a jail. However, you can _use_ it within a jail, of course, if you assign the IP of the VPN connection to the jail (or arrange to forward packets to the jail with IPFW FWD or whatever). Best regards Oliver -- Oliver Fromme, secnetix GmbH & Co. KG, Marktplatz 29, 85567 Grafing Dienstleistungen mit Schwerpunkt FreeBSD: http://www.secnetix.de/bsd Any opinions expressed in this message may be personal to the author and may not necessarily reflect the opinions of secnetix in any way. Passwords are like underwear. You don't share them, you don't hang them on your monitor or under your keyboard, you don't email them, or put them on a web site, and you must change them very often.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200602081321.k18DLpjo061917>