From owner-freebsd-questions@FreeBSD.ORG Tue Aug 10 11:42:48 2010 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 63E95106566C for ; Tue, 10 Aug 2010 11:42:48 +0000 (UTC) (envelope-from valentin.bud@gmail.com) Received: from mail-qy0-f175.google.com (mail-qy0-f175.google.com [209.85.216.175]) by mx1.freebsd.org (Postfix) with ESMTP id E98DE8FC0A for ; Tue, 10 Aug 2010 11:42:47 +0000 (UTC) Received: by qyk11 with SMTP id 11so3318039qyk.13 for ; Tue, 10 Aug 2010 04:42:47 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:mime-version:received:in-reply-to :references:from:date:message-id:subject:to:cc:content-type; bh=N0cpRtJMWYiL2UtpIMD1+R7qcoCFObg8xm8EJhUORAU=; b=W89DiF/Nj+ztSZsQBoEZFgKfZGEeSF5K9bOxO3SU178WwXiFaycfwZbAaJVULyGD5x ev0qsdTSb0/BlV7NUH3LkJSRJlEGgsAlzVtVKhWV1vRWdyIcYFD58xn8P6+C4KIgwWYq rizDGCW3lURX429V/2GXyjbDSRHcxoWLQYDVY= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc:content-type; b=j06jcgpijhsofIU8VrE8cBpczsxSqjEpQ9MqBmObfBhrHfFJ4r/0gFeSSajsE2uB5Q lZ5qteuRi6dKd17aGIWIlEYnO1kLSBNXDR4KW7HbUdcoeypn9ItDE/EO1i3TOOOROb70 WnkmIFgL7TOBZoiIkfR3O+u4yaW2quBSd4j3A= Received: by 10.224.46.15 with SMTP id h15mr9554618qaf.20.1281440567151; Tue, 10 Aug 2010 04:42:47 -0700 (PDT) MIME-Version: 1.0 Received: by 10.229.223.132 with HTTP; Tue, 10 Aug 2010 04:42:27 -0700 (PDT) In-Reply-To: <268321.67123.qm@web24608.mail.ird.yahoo.com> References: <268321.67123.qm@web24608.mail.ird.yahoo.com> From: Valentin Bud Date: Tue, 10 Aug 2010 14:42:27 +0300 Message-ID: To: Brice ERRANDONEA Content-Type: text/plain; charset=ISO-8859-1 X-Content-Filtered-By: Mailman/MimeDel 2.1.5 Cc: freebsd-questions@freebsd.org Subject: Re: How to connect a jail to the web ? X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 10 Aug 2010 11:42:48 -0000 On Tue, Aug 10, 2010 at 2:01 PM, Brice ERRANDONEA wrote: > Hello, > > I've just created my first FreeBSD jail in order to install a web server > inside. > But I don't know how to connect it to the web. When I try pinging a http > website, it doesn't work. Of course, it works when I do it from outside the > jail. > > Another problem, probably linked to the first one, I can't run rc within > the > jail, even as the jail's root. It says : permission denied. > > Here's how I built and started my jail. I had already run make buildworld > when > upgrading to 8.1 release : > > # mkdir /usr/prison > # cd /usr/src > # make installworld DESTDIR=/usr/prison > # make distribution DESTDIR=/usr/prison > # mount -t devfs devfs /usr/prison/dev > # jail -c path=/usr/prison host.hostname=ServeurWeb ip4.addr=192.1.1.1 > persist > # jail /usr/prison ServeurWeb 192.1.1.1 csh > > I guess this must be a very basic question but please help me. > Hello, To be able to ping from inside the jail you need raw sockets activated on the host. sysctl security.jail.allow_raw_sockets=1 For ease of configuration you could use ezjail - a jail administration framework written in shell or if you plan to use lots of jails (20+) you could try qjail which is also a jail administration framework. have a great day, v -- network warrior