Date: Tue, 10 Apr 2012 17:14:29 -0500 From: Mark Felder <feld@feld.me> To: freebsd-jail@freebsd.org Subject: Re: Jail source address selection broken, patch for ping Message-ID: <op.wcklefqm34t2sn@cr48.lan> In-Reply-To: <903CBCF8-5096-4C5B-A5A9-F8495AA8751C@netplex.se> References: <493438014.49159.1333999007132.JavaMail.root@mrelmx09.mrec.ar> <op.wcik10bo34t2sn@tech304> <903CBCF8-5096-4C5B-A5A9-F8495AA8751C@netplex.se>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, 10 Apr 2012 04:03:22 -0500, Anders Hagman <anders.hagman@netplex.se> wrote: > I have used vnet jail to get your own IP stack. > One strange thing is that tcpdump on the host can not see the packets. Yes, vnet avoids this issue. You shouldn't be able to tcpdump on the host to see the packets; those interfaces are now entirely owned by the jail. Unfortunately we cannot use vnet because it is very experimental still and I have been able to cause it to panic many times.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?op.wcklefqm34t2sn>