From owner-freebsd-hackers@FreeBSD.ORG Fri Mar 7 07:08:46 2014 Return-Path: Delivered-To: freebsd-hackers@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id C3BC6F0; Fri, 7 Mar 2014 07:08:46 +0000 (UTC) Received: from mx1.fisglobal.com (mx1.fisglobal.com [199.200.24.190]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 8BBDF607; Fri, 7 Mar 2014 07:08:46 +0000 (UTC) Received: from smarthost.fisglobal.com ([10.132.206.192]) by ltcfislmsgpa05.fnfis.com (8.14.5/8.14.5) with ESMTP id s2778iKg011589 (version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=NOT); Fri, 7 Mar 2014 01:08:44 -0600 Received: from THEMADHATTER (10.242.181.54) by smarthost.fisglobal.com (10.132.206.192) with Microsoft SMTP Server id 14.3.174.1; Fri, 7 Mar 2014 01:08:42 -0600 From: Sender: Devin Teske To: "'Joe Nosay'" , "'Devin Teske'" References: <53181410.1030107@freebsd.org> <5318B836.7040301@grosbein.net> <19cd01cf3974$dffa5bf0$9fef13d0$@FreeBSD.org> In-Reply-To: Subject: RE: How do I create a cloned interface when there is no static connection? Date: Thu, 6 Mar 2014 23:08:38 -0800 Message-ID: <1a1801cf39d4$1155a830$3400f890$@FreeBSD.org> MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit X-Mailer: Microsoft Outlook 15.0 Thread-Index: AQGFkmzaIuYOdOXVuBBwiRydIe9+DQJc1pq+AktiUF0BR1iDygJTdbnQAhouTC+bFZlL8A== Content-Language: en-us X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10432:5.11.87, 1.0.14, 0.0.0000 definitions=2014-03-07_03:2014-03-05,2014-03-07,1970-01-01 signatures=0 Cc: 'FreeBSD Hackers' , 'Eugene Grosbein' X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 07 Mar 2014 07:08:46 -0000 > -----Original Message----- > From: Joe Nosay [mailto:superbisquit@gmail.com] > Sent: Thursday, March 6, 2014 6:52 PM > To: Devin Teske > Cc: FreeBSD Hackers; Eugene Grosbein > Subject: Re: How do I create a cloned interface when there is no static > connection? > > On Thu, Mar 6, 2014 at 2:47 PM, wrote: > > > > > > > > -----Original Message----- > > > From: Eugene Grosbein [mailto:eugen@grosbein.net] > > > Sent: Thursday, March 6, 2014 10:03 AM > > > To: Joe Nosay > > > Cc: FreeBSD Hackers > > > Subject: Re: How do I create a cloned interface when there is no > > > static connection? > > > > > > On 07.03.2014 00:39, Joe Nosay wrote: > > > > > > > I'll need a dummy interface inside of the that can be bridged to > > > > wlan0 outside of the jail. Normal jail with aliases. > > > > > > Try epair(4) and give one part of pair to jail and bridge another > > > part > > with > > > wlan0. > > > > > > > Never tried bridging a wlan with netgraph, but I wonder if the method > > I use for bridging Ethernet with netgraph would work... > > > > Using the ngctl command to create an ng_bridge and then multiple > > ng_eiface devices that you can be shoved into the jail. > > > > kldload ng_ether > > kldload ng_bridge > > kldload ng_eiface > > ngctl > > + mkpeer {IFACE}: bridge lower link0 > > + connect {IFACE}: {IFACE}:lower upper link1 > > + name {IFACE}:lower {IFACE}bridge > > + quit > > ifconifg {IFACE} up > > ngctl > > + msg {IFACE}: setpromisc 1 > > + msg {IFACE}: setautosrc 0 > > + mkpeer {IFACE}:lower eiface link{N} ether > > + name {IFACE}bridge:link{N} > > + show -n {IFACE}bridge: > > Name: ngeth0 Type: eiface ID: XXXXXXXX Num > > hooks: N > > + name {IFACE}bridge:link{N} {NEWIFACE} > > ifconfig ngeth0 name {NEWNAME} > > ifconfig {NEWNAME} vnet {JID} > > > > Taking care to replace the following from above: > > {IFACE} - the name of the interface you want to bridge (eg, em0) {N} - > > link number (starts at 2; increments by-one for each new eiface) > > {NEWIFACE} - the name of the new eiface (ngethN) device to create > > {JID} - the jail ID of the jail you want to shove the interface into > > > > Of course, never tried this with WiFi. > > I did not properly create the jail.conf script. I believe the file of /etc/rc.d/jail > should be followed; yet, there is no tutorial on setting it up. > My /etc/rc.conf file is also improperly setup. How? I don't know; but, I can tell > because the system will not boot completely and ctrl+C must be hit to allow > logging in. What release are you using? "uname -spr" is often succinct enough. -- Devin _____________ The information contained in this message is proprietary and/or confidential. If you are not the intended recipient, please: (i) delete the message and all copies; (ii) do not disclose, distribute or use the message in any manner; and (iii) notify the sender immediately. In addition, please be aware that any message addressed to our domain is subject to archiving and review by persons other than the intended recipient. Thank you.