Date: Sat, 3 Sep 2016 15:49:25 +0000 From: James Lodge <James@Lodge.me.uk> To: James Gritton <jamie@freebsd.org> Cc: Grzegorz Junka <list1@gjunka.com>, "freebsd-jail@freebsd.org" <freebsd-jail@freebsd.org> Subject: Re: Changing jail's IP automatically Message-ID: <F9734DA1-D3BE-46C8-87C7-91C4C4B653F1@Lodge.me.uk> In-Reply-To: <4fa37d2e14665ff5a00548626e55142f@gritton.org> References: <872dfbe1-3f39-bf5f-44b2-611bd92a1210@gjunka.com>, <4fa37d2e14665ff5a00548626e55142f@gritton.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Would PF and NAT not work for you? NAT to the WLAN0 IP (DHCP assigned) usin= g PF macros and have a separate subnet for your jails? This would be PAT so= you might have issues with accessing services inbound if you're using the = same port in multiple jails. Just an idea.....=20 Sent from my iPad > On 3 Sep 2016, at 16:33, James Gritton <jamie@freebsd.org> wrote: >=20 >> On 2016-09-02 15:08, Grzegorz Junka wrote: >> I am using a jail on my laptop and I often connect to different >> WiFi's, which of course assign different IPs to my laptop. I set up >> the jail by adding an alias to wlan0 and I need to update the IP every >> time I switch the WiFi network. Is it possible to create a jail with >> IP assigned dynamically, e.g. from DHCP, or at least switch between >> predefined IPs more easily than by editing /etc/jail.conf? >=20 > You can always add addresses later. I would create the jail without any = IP address specified in jail.conf, and then have a exec.poststart script th= at sets the address using something like "jail -m name=3Dfoo ip4.addr=3D1.2= .3.4". And similarly when the network switches, it would need to trigger a= similar script that resets the address. >=20 > It's a little more complicated that than though: network daemons will be = bound to the old address after the switch, so you'll need to run the proper= service(8) commands to restart those, in the right order. Or depending on= the service, maybe a kick of some sort (like a kill -1) would do the trick= . >=20 > And at start time, if the jail has no IP address of its own, anything it = runs will use the regular system IP addresses. That's definitely not what = you want. Unfortunately, jail(8) doesn't have a way to run a script in the= system environment after the jail is created but before exec.start is run.= That would be the right place to set the initial address. So barring tha= t, you may want to have network services not started up at all, until this = poststart script sets the address. So it's still not a simple issue. >=20 > - Jamie > _______________________________________________ > freebsd-jail@freebsd.org mailing list > https://lists.freebsd.org/mailman/listinfo/freebsd-jail > To unsubscribe, send any mail to "freebsd-jail-unsubscribe@freebsd.org"
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?F9734DA1-D3BE-46C8-87C7-91C4C4B653F1>