From owner-svn-src-all@FreeBSD.ORG Tue Oct 15 05:22:55 2013 Return-Path: Delivered-To: svn-src-all@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTP id 777B08D7; Tue, 15 Oct 2013 05:22:55 +0000 (UTC) (envelope-from hrs@FreeBSD.org) Received: from mail.allbsd.org (gatekeeper.allbsd.org [IPv6:2001:2f0:104:e001::32]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id E77BC21C1; Tue, 15 Oct 2013 05:22:54 +0000 (UTC) Received: from alph.d.allbsd.org (p4181-ipbf1307funabasi.chiba.ocn.ne.jp [123.225.173.181]) (authenticated bits=128) by mail.allbsd.org (8.14.5/8.14.5) with ESMTP id r9F5MZT3087264 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Tue, 15 Oct 2013 14:22:46 +0900 (JST) (envelope-from hrs@FreeBSD.org) Received: from localhost (localhost [IPv6:::1]) (authenticated bits=0) by alph.d.allbsd.org (8.14.7/8.14.5) with ESMTP id r9F5MYLX029163; Tue, 15 Oct 2013 14:22:35 +0900 (JST) (envelope-from hrs@FreeBSD.org) Date: Tue, 15 Oct 2013 14:22:29 +0900 (JST) Message-Id: <20131015.142229.509071744045645883.hrs@allbsd.org> To: gavin@FreeBSD.org, peter@wemm.org Subject: Re: svn commit: r256256 - in head: . etc etc/defaults etc/rc.d share/man/man5 usr.sbin/jail From: Hiroki Sato In-Reply-To: <20131015.130325.1303921217567498427.hrs@allbsd.org> References: <525CB6E8.9080407@wemm.org> <20131015.130325.1303921217567498427.hrs@allbsd.org> X-PGPkey-fingerprint: BDB3 443F A5DD B3D0 A530 FFD7 4F2C D3D8 2793 CF2D X-Mailer: Mew version 6.5 on Emacs 24.3 / Mule 6.0 (HANACHIRUSATO) Mime-Version: 1.0 Content-Type: Multipart/Signed; protocol="application/pgp-signature"; micalg=pgp-sha1; boundary="--Security_Multipart(Tue_Oct_15_14_22_29_2013_997)--" Content-Transfer-Encoding: 7bit X-Virus-Scanned: clamav-milter 0.97.4 at gatekeeper.allbsd.org X-Virus-Status: Clean X-Greylist: Sender succeeded SMTP AUTH, not delayed by milter-greylist-4.2.7 (mail.allbsd.org [133.31.130.32]); Tue, 15 Oct 2013 14:22:47 +0900 (JST) X-Spam-Status: No, score=-99.1 required=13.0 tests=CONTENT_TYPE_PRESENT, SPF_SOFTFAIL,USER_IN_WHITELIST autolearn=no version=3.3.2 X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on gatekeeper.allbsd.org Cc: svn-src-head@FreeBSD.org, remko@FreeBSD.org, src-committers@FreeBSD.org, svn-src-all@FreeBSD.org X-BeenThere: svn-src-all@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: "SVN commit messages for the entire src tree \(except for " user" and " projects" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 15 Oct 2013 05:22:55 -0000 ----Security_Multipart(Tue_Oct_15_14_22_29_2013_997)-- Content-Type: Text/Plain; charset=us-ascii Content-Transfer-Encoding: 7bit Hiroki Sato wrote in <20131015.130325.1303921217567498427.hrs@allbsd.org>: hr> Peter Wemm wrote hr> in <525CB6E8.9080407@wemm.org>: hr> hr> pe> Note how they're all on bge0 and the lo1|127.x is ignored. hr> pe> hr> pe> There's some other problems I haven't pinned down yet. Something has hr> pe> changed radically with source address selection and some standard setups hr> pe> from 7.x through 10.x (as of a few months ago) don't work anymore. I hr> pe> haven't yet figured out how to do the per-jail lo1|127.x thing in the new hr> pe> scheme even with an old rc.d/jail - anything attempting to bind to localhost hr> pe> gets remapped to the public, fully exposed address. hr> pe> hr> pe> I'm still looking. hr> hr> Can you test the attached patch? Okay, I think r256498 should fix these issues. Please let me know if you still have a problem. -- Hiroki ----Security_Multipart(Tue_Oct_15_14_22_29_2013_997)-- Content-Type: application/pgp-signature Content-Transfer-Encoding: 7bit -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.13 (FreeBSD) iEYEABECAAYFAlJc0RUACgkQTyzT2CeTzy2cwQCgq9Aa2hSUmDVXzyFkLUbAfoXe NmwAoIwxpGyXvLZ6lBEQcQg6qn843UVW =F2TI -----END PGP SIGNATURE----- ----Security_Multipart(Tue_Oct_15_14_22_29_2013_997)----