From: "H. S."
To: freebsd-hackers@FreeBSD.org
Date: Sat, 12 Mar 2005 08:03:23 -0600 (CST)
Subject: IP packets from host system showing inside a jail?

Hey,

I've noticed something odd. I'm using FreeBSD 5.3-STABLE with PF, on a dual Xeon 2.4 system. I have two jails running for web and mail servers.

Today I was testing something and needed a tcpdump, so inside a jail I started tcpdump as root. To my amazement, IP packets from the host system (IRC connections that should NOT show on that jail) were appearing on the tcpdump INSIDE the jail! tcpdump then became unresponsive quickly after capturing those; ^C wouldn't kill it and ^Z did nothing either. I had to log in from another terminal to the host system, and killall -KILL tcpdump.

Is this a known bug? IP packets from the host system<->internet should not be visible inside the jail.

If you need tcpdump/uname -a etc., I'll provide these when asked.

Regards