From owner-freebsd-questions@FreeBSD.ORG Tue Aug 5 14:55:53 2008 Return-Path: Delivered-To: questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 937D91065677 for ; Tue, 5 Aug 2008 14:55:53 +0000 (UTC) (envelope-from doug@fledge.watson.org) Received: from fledge.watson.org (fledge.watson.org [209.31.154.41]) by mx1.freebsd.org (Postfix) with ESMTP id 1CEBD8FC12 for ; Tue, 5 Aug 2008 14:55:53 +0000 (UTC) (envelope-from doug@fledge.watson.org) Received: from fledge.watson.org (localhost.watson.org [127.0.0.1]) by fledge.watson.org (8.14.2/8.14.2) with ESMTP id m75EhE3F065146; Tue, 5 Aug 2008 10:43:14 -0400 (EDT) (envelope-from doug@fledge.watson.org) Received: from localhost (doug@localhost) by fledge.watson.org (8.14.2/8.14.2/Submit) with ESMTP id m75EhDcb065142; Tue, 5 Aug 2008 10:43:13 -0400 (EDT) (envelope-from doug@fledge.watson.org) Date: Tue, 5 Aug 2008 10:43:13 -0400 (EDT) From: doug To: Redd Vinylene In-Reply-To: Message-ID: References: User-Agent: Alpine 1.10 (BSF 962 2008-03-14) MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-3.0 (fledge.watson.org [127.0.0.1]); Tue, 05 Aug 2008 10:43:14 -0400 (EDT) Cc: dwmalone@maths.tcd.ie, questions@freebsd.org Subject: Re: Jails, IPs and identd X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: doug@safeport.com List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 05 Aug 2008 14:55:53 -0000 On Tue, 5 Aug 2008, Redd Vinylene wrote: > Hello! > > I have a jail with multiple IPs. It runs identd, however it only works > from the jail's main IP: > > auth stream tcp nowait root internal auth -r -f -n -o UNKNOWN -t 30 > > How do I make it work from absolutely all IPs? > > Perhaps: auth stream tcp nowait root internal auth -r -f -n -o UNKNOWN > -t 30 -a ? > > Thank you all! > > # man identd > > -a Specify one specific IP address to bind to. Alternatively, a > hostname can be specified, in which case the IPv4 or IPv6 address > which corresponds to that hostname is used. Usually a hostname > is specified when inetd is run inside a jail(8), in which case > the hostname corresponds to that of the jail(8) environment. > > When the hostname specification is used and both IPv4 and IPv6 > bindings are desired, one entry with the appropriate protocol > type for each binding is required for each service in > /etc/inetd.conf. For example, a TCP-based service would need two > entries, one using ``tcp4'' for the protocol and the other using > ``tcp6''. See the explanation of the /etc/inetd.conf protocol > field below. > It is my understanding you get one IP/jail and that multiple IPs are a work in progress. See http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/jails-intro.html A jail is characterized by four elements: : * An IP address -- this will be assigned to the jail and cannot be changed in any way during the jail's life span. The IP address of a jail is usually an alias address for an existing network interface, but this is not strictly necessary.