Date: Mon, 10 Jun 2002 13:08:27 -0400
From: Andrea Bacchet <baccheta@cae.com>
To: "'freebsd-questions@FreeBSD.ORG'" <freebsd-questions@FreeBSD.ORG>
Cc: "'grimm@planetquake.com'" <grimm@planetquake.com>
Subject: Jail single ip network (FreeBSD 4.5)
Message-ID: <8A6A2A139700D5118EB6009027B0FF3A0B7FDFCA@caemsx02.cae.ca>

Greetings,

I have followed the instructions in the man page for jail, as well as several very useful tutorials on setting up jail. I am using FreeBSD 4.5.

http://www.samag.com/documents/s=1151/sam0105d/0105d.htm
http://www.bsdpro.com/info.php?cat=security&fileid=00014#article

The part I didn't understand was how it was possible to have the jail run within the machine, when the machine itself only has one network card and IP. I then looked into IP aliasing:

www.freebsd.peon.net/tutorials/6

Now, the problem I am having has been stumping me for days. I have read all the archives on this mailing list having to do with jail and haven't seen any mention of a problem like mine.

So I set up my jail in /home/jail (I am only going to run one). I then created the network alias; here is the output from ifconfig:

xl0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
        options=3<rxcsum,txcsum>
        inet 142.39.88.238 netmask 0xffffff00 broadcast 142.39.88.255
        inet6 fe80::2c0:4fff:fea0:86fa%xl0 prefixlen 64 scopeid 0x1
        inet 192.168.200.13 netmask 0xffffffff broadcast 192.168.200.13
        ether 00:c0:4f:a0:86:fa
        media: Ethernet autoselect (10baseT/UTP)
        status: active
lp0: flags=8810<POINTOPOINT,SIMPLEX,MULTICAST> mtu 1500
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 16384
        inet6 ::1 prefixlen 128
        inet6 fe80::1%lo0 prefixlen 64 scopeid 0x3
        inet 127.0.0.1 netmask 0xff000000
ppp0: flags=8010<POINTOPOINT,MULTICAST> mtu 1500
sl0: flags=c010<POINTOPOINT,LINK2,MULTICAST> mtu 552
faith0: flags=8002<BROADCAST,MULTICAST> mtu 1500

I run the jail using the following command line:

    jail /home/jail darkside 192.168.200.13 /bin/sh /etc/rc

If I do a ps -ax | grep J I can clearly see the jail running:

    202  ??  SsJ    0:00.01 /usr/sbin/syslogd -s
    209  ??  IsJ    0:00.00 /usr/sbin/inetd -wW
    211  ??  IsJ    0:00.00 /usr/sbin/cron
    213  ??  IsJ    0:00.25 /usr/sbin/sshd

Host
    ftp is enabled (port 21)
    sshd is enabled (port 777) <- tested, I can connect from anywhere

Jail
    telnetd is enabled (port 23)
    sshd is enabled (port 22)

My host setup is working fine, I can ftp and ssh into the box without any problems. But I cannot telnet into the jail, nor ssh.

In my testing, I noticed something very strange: if I try to telnet to the jail, then do a ps -ax | grep J, I can see that telnetd is now running! But it never responds, I cannot log in!

Is there something I am doing wrong? Can anyone help me troubleshoot this problem?

__
Andrea Bacchet
Technical Instructor, Software Systems Technology
Engineering Technical Training Department
e-mail: baccheta@cae.com
phone: (514) 341-6780 X-2083
s-mail: CAE Inc, 8585 Cote de Liesse, St-Laurent, Canada, H4T 1G6