From owner-freebsd-hackers@FreeBSD.ORG Fri Mar 7 02:51:40 2014 Return-Path: Delivered-To: freebsd-hackers@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id B4282F50; Fri, 7 Mar 2014 02:51:40 +0000 (UTC) Received: from mail-oa0-x22c.google.com (mail-oa0-x22c.google.com [IPv6:2607:f8b0:4003:c02::22c]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 69F92E27; Fri, 7 Mar 2014 02:51:40 +0000 (UTC) Received: by mail-oa0-f44.google.com with SMTP id n16so3553699oag.3 for ; Thu, 06 Mar 2014 18:51:39 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=UMpz8+7VjauOWi5pzEjAxFynFS+yLzxfANlIJukpCI0=; b=tyhAY5km2mRnHkB6u5SP1dZ/GtyL9VG4smeTo8FcUo9W2J1mI+9bvTx9AIkR2A8pEG w8MlACUDEMgKupFXpPb7e2adpGvfoNiXBIPRi+/EZ1Z8qvCyUFVDt6ZLb2VkAyDpufxj qwzlGVitx9oZMBlgqQhB9EGyCAP91LPr59Ie8BZ8bcTlfD5bU4dMga+xCdeuPVxYTdWb Z2GEXlwlb35cS9Yc/f1/DCQbRHgK6HEpruuiB/dN3mwFJZo/wJ0noPtqWsF5/UzBTQAg x2l1TGMytKGn3g8i6WdktdNsmncwSjFAqhlOKSo0F0eb0UyqkqqoSfu0Q37Hi/GsJ6/P mAJA== MIME-Version: 1.0 X-Received: by 10.182.2.170 with SMTP id 10mr4899917obv.50.1394160699661; Thu, 06 Mar 2014 18:51:39 -0800 (PST) Received: by 10.182.76.201 with HTTP; Thu, 6 Mar 2014 18:51:39 -0800 (PST) In-Reply-To: <19cd01cf3974$dffa5bf0$9fef13d0$@FreeBSD.org> References: <53181410.1030107@freebsd.org> <5318B836.7040301@grosbein.net> <19cd01cf3974$dffa5bf0$9fef13d0$@FreeBSD.org> Date: Thu, 6 Mar 2014 21:51:39 -0500 Message-ID: Subject: Re: How do I create a cloned interface when there is no static connection? From: Joe Nosay To: Devin Teske Content-Type: multipart/mixed; boundary=f46d0444ea99439b6904f3fb559a X-Content-Filtered-By: Mailman/MimeDel 2.1.17 Cc: FreeBSD Hackers , Eugene Grosbein X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 07 Mar 2014 02:51:40 -0000 --f46d0444ea99439b6904f3fb559a Content-Type: text/plain; charset=ISO-8859-1 On Thu, Mar 6, 2014 at 2:47 PM, wrote: > > > > -----Original Message----- > > From: Eugene Grosbein [mailto:eugen@grosbein.net] > > Sent: Thursday, March 6, 2014 10:03 AM > > To: Joe Nosay > > Cc: FreeBSD Hackers > > Subject: Re: How do I create a cloned interface when there is no static > > connection? > > > > On 07.03.2014 00:39, Joe Nosay wrote: > > > > > I'll need a dummy interface inside of the that can be bridged to > > > wlan0 outside of the jail. Normal jail with aliases. > > > > Try epair(4) and give one part of pair to jail and bridge another part > with > > wlan0. > > > > Never tried bridging a wlan with netgraph, but I wonder if the method I use > for bridging Ethernet with netgraph would work... > > Using the ngctl command to create an ng_bridge and then multiple ng_eiface > devices that you can be shoved into the jail. > > kldload ng_ether > kldload ng_bridge > kldload ng_eiface > ngctl > + mkpeer {IFACE}: bridge lower link0 > + connect {IFACE}: {IFACE}:lower upper link1 > + name {IFACE}:lower {IFACE}bridge > + quit > ifconifg {IFACE} up > ngctl > + msg {IFACE}: setpromisc 1 > + msg {IFACE}: setautosrc 0 > + mkpeer {IFACE}:lower eiface link{N} ether > + name {IFACE}bridge:link{N} > + show -n {IFACE}bridge: > Name: ngeth0 Type: eiface ID: XXXXXXXX Num > hooks: N > + name {IFACE}bridge:link{N} {NEWIFACE} > ifconfig ngeth0 name {NEWNAME} > ifconfig {NEWNAME} vnet {JID} > > Taking care to replace the following from above: > {IFACE} - the name of the interface you want to bridge (eg, em0) > {N} - link number (starts at 2; increments by-one for each new eiface) > {NEWIFACE} - the name of the new eiface (ngethN) device to create > {JID} - the jail ID of the jail you want to shove the interface into > > Of course, never tried this with WiFi. > -- > Devin > > _____________ > The information contained in this message is proprietary and/or > confidential. If you are not the intended recipient, please: (i) delete the > message and all copies; (ii) do not disclose, distribute or use the message > in any manner; and (iii) notify the sender immediately. In addition, please > be aware that any message addressed to our domain is subject to archiving > and review by persons other than the intended recipient. Thank you. > I did not properly create the jail.conf script. I believe the file of /etc/rc.d/jail should be followed; yet, there is no tutorial on setting it up. My /etc/rc.conf file is also improperly setup. How? I don't know; but, I can tell because the system will not boot completely and ctrl+C must be hit to allow logging in. --f46d0444ea99439b6904f3fb559a Content-Type: application/octet-stream; name="jail.conf" Content-Disposition: attachment; filename="jail.conf" Content-Transfer-Encoding: base64 X-Attachment-Id: f_hsh5tf690 ICAgIEZyZWVCU0QtR29vZ2xlIHsKICAgICBwYXRoID0gL2phaWxzL0ZyZWVCU0QtR29vZ2xlX3By b2plY3RzOwogICAgIGFsbG93Lm1vdW50OwogICAgIG1vdW50LmRldmZzOwogICAgIGhvc3QuaG9z dG5hbWUgPSBic2QtZ29vZ2xlYm94OwogICAgIGV4ZWMuc3RhcnQgPSAiL2Jpbi9zaCAvZXRjL3Jj IjsKICAgICBleGVjLnN0b3AgPSAiL2Jpbi9zaCAvZXRjL3JjLnNodXRkb3duIjsKICAgIH0= --f46d0444ea99439b6904f3fb559a Content-Type: application/octet-stream; name="rc.conf" Content-Disposition: attachment; filename="rc.conf" Content-Transfer-Encoding: base64 X-Attachment-Id: f_hsh5y2do1 aG9zdG5hbWU9Im51bmNhLWNvbmhlY2FkbyIKc3NoZF9lbmFibGU9IllFUyIKbW91c2VkX2VuYWJs ZT0iWUVTIgpwb3dlcmRfZW5hYmxlPSJZRVMiCiMgU2V0IGR1bXBkZXYgdG8gIkFVVE8iIHRvIGVu YWJsZSBjcmFzaCBkdW1wcywgIk5PIiB0byBkaXNhYmxlCmR1bXBkZXY9IkFVVE8iCnpmc19lbmFi bGU9IllFUyIKCmphaWxfZW5hYmxlPSJZRVMiCmphaWxfbGlzdD0iRnJlZUJTRC1Hb29nbGUiCgoK Cg== --f46d0444ea99439b6904f3fb559a--