Date: Sat, 12 Mar 2005 08:03:23 -0600 (CST) From: "H. S." <security@revolutionsp.com> To: freebsd-hackers@FreeBSD.org Subject: IP packets from host system showing inside a jail? Message-ID: <63687.81.84.174.5.1110636203.squirrel@mail.revolutionsp.com>
next in thread | raw e-mail | index | archive | help
Hey, I've noticed something odd.. I'm using FreeBSD 5.3-STABLE with PF, on a dual xeon 2.4 system. I have two jails running for web and mail servers. Today I was testing something and needed a tcpdump, so inside a jail I started tcpdump as root. To my amazement, IP packets from the host system (IRC connections that should NOT show on that jail) were appearing on the tcpdump INSIDE the jail! tcpdump then became irresponsive quickly after capturing those, ^C wouldn't kill it and ^Z didn't nothing either. I had to login from another terminal to the host system, and killall -KILL tcpdump. Is this a known bug? IP packets from the host system<->internet should not be visible inside the jail. If you need tcpdump/uname -a etc, I'll provide these when asked. Regards
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?63687.81.84.174.5.1110636203.squirrel>