Date: Sun, 18 Apr 2010 11:32:26 +0800 From: Aiza <aiza21@comclark.com> To: kurt seel <kseel@governmentcostsolutions.com> Cc: FreeBSD Questions <freebsd-questions@freebsd.org> Subject: Re: Ping from jail not permitted error Message-ID: <4BCA7D4A.6060309@comclark.com> In-Reply-To: <4BCA61FC.5000308@governmentcostsolutions.com> References: <4BCA54DC.1000301@comclark.com> <4BCA61FC.5000308@governmentcostsolutions.com>
next in thread | previous in thread | raw e-mail | index | archive | help
kurt seel wrote: > Aiza wrote: >> My jail has public internet access because i can do pkg_add -r >> unix2dos and the package does install. But when I enter ping -c 2 >> freebsd.org I get message "ping: socket: Operation not permitted" >> There is no firewall running in the jail. >> >> Any ideas would be helpful. >> >> Thanks > > ICMP is disallowed by defaut for jails, see the sysctl : > security.jail.allow_raw_sockets > There are good reasons for this default, so if you test remember to set it > back when you are done. > Also, on a point of style, jails in their current form (see VIMAGE) > do not get a network stack of their own so they don't have a firewall but > share the hosts' network and firewall, etc. > > I don't have man vimage. Is this part of Freebsd?
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4BCA7D4A.6060309>