From owner-freebsd-jail@FreeBSD.ORG  Thu May 30 12:51:21 2013
Return-Path: <owner-freebsd-jail@FreeBSD.ORG>
Delivered-To: freebsd-jail@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 by hub.freebsd.org (Postfix) with ESMTP id 72AD1662
 for <freebsd-jail@freebsd.org>; Thu, 30 May 2013 12:51:21 +0000 (UTC)
 (envelope-from gofj-freebsd-jail@m.gmane.org)
Received: from plane.gmane.org (plane.gmane.org [80.91.229.3])
 by mx1.freebsd.org (Postfix) with ESMTP id 33D40D9A
 for <freebsd-jail@freebsd.org>; Thu, 30 May 2013 12:51:21 +0000 (UTC)
Received: from list by plane.gmane.org with local (Exim 4.69)
 (envelope-from <gofj-freebsd-jail@m.gmane.org>) id 1Ui2K0-0006J9-VX
 for freebsd-jail@freebsd.org; Thu, 30 May 2013 14:51:13 +0200
Received: from 105-236-155-9.access.mtnbusiness.co.za ([105.236.155.9])
 by main.gmane.org with esmtp (Gmexim 0.1 (Debian))
 id 1AlnuQ-0007hv-00
 for <freebsd-jail@freebsd.org>; Thu, 30 May 2013 14:51:12 +0200
Received: from lists by 105-236-155-9.access.mtnbusiness.co.za with local
 (Gmexim 0.1 (Debian)) id 1AlnuQ-0007hv-00
 for <freebsd-jail@freebsd.org>; Thu, 30 May 2013 14:51:12 +0200
X-Injected-Via-Gmane: http://gmane.org/
To: freebsd-jail@freebsd.org
From: Mogamat Abrahams <lists@tabits.co.za>
Subject: Re: Cant reach Jailed services from internet.
Date: Thu, 30 May 2013 12:50:56 +0000 (UTC)
Lines: 27
Message-ID: <loom.20130530T144859-588@post.gmane.org>
References: <loom.20130527T091739-282@post.gmane.org>
 <cc5f425486d0fc06e1ddc0a8cbe300ad@nanogene.org>
 <loom.20130527T215634-190@post.gmane.org>
 <20130528145629.X55451@sola.nimnet.asn.au>
 <20130528080719.GA11195@eik.bme.hu> <loom.20130528T180339-694@post.gmane.org>
 <loom.20130529T091557-794@post.gmane.org> <51A5F743.7080307@a1poweruser.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
X-Complaints-To: usenet@ger.gmane.org
X-Gmane-NNTP-Posting-Host: sea.gmane.org
User-Agent: Loom/3.14 (http://gmane.org/)
X-Loom-IP: 105.236.155.9 (Mozilla/5.0 (Windows NT 6.1;
 WOW64) AppleWebKit/537.31 (KHTML, like Gecko) Chrome/26.0.1410.64
 Safari/537.31)
X-BeenThere: freebsd-jail@freebsd.org
X-Mailman-Version: 2.1.14
Precedence: list
List-Id: "Discussion about FreeBSD jail\(8\)" <freebsd-jail.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/options/freebsd-jail>,
 <mailto:freebsd-jail-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-jail>
List-Post: <mailto:freebsd-jail@freebsd.org>
List-Help: <mailto:freebsd-jail-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-jail>,
 <mailto:freebsd-jail-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 30 May 2013 12:51:21 -0000

> 
> Do you have   gateway_enable="YES"  statement in the host's rc.conf?
Added it and not difference.
> 
> Is the jails /etc/resolv.conf populated with the correct info?
> 
Yes, name resolution works ok - i can reach out from the jail to other 
services on the internet.

> You said "Netstat on the host and jail also show services
> listening on those addresses on the correct ports."
> 
> If what you mean is the host has processes listening on the SAME
> ip address / ports as the jails are listening on, then your jails
> will never get any unsolicited traffic because the host always gets
> access to that traffic first and processes it without the jail ever 
> knowing about it.
I only have sshd configured on the host, that on the 67. ip address. So I 
assume those listening ports are coming from the jail as its on the same IP 
and ports 80 and 81 

Any other suggestions?

M