From owner-freebsd-current@freebsd.org Fri Aug 28 05:13:07 2015 Return-Path: Delivered-To: freebsd-current@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 9C1369C316D for ; Fri, 28 Aug 2015 05:13:07 +0000 (UTC) (envelope-from melifaro@ipfw.ru) Received: from forward12h.cmail.yandex.net (forward12h.cmail.yandex.net [IPv6:2a02:6b8:0:f35::9d]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "forwards.mail.yandex.net", Issuer "Certum Level IV CA" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 545F9188A for ; Fri, 28 Aug 2015 05:13:06 +0000 (UTC) (envelope-from melifaro@ipfw.ru) Received: from web3h.yandex.ru (web3h.yandex.ru [84.201.186.32]) by forward12h.cmail.yandex.net (Yandex) with ESMTP id AA48821B76; Fri, 28 Aug 2015 08:12:54 +0300 (MSK) Received: from 127.0.0.1 (localhost [127.0.0.1]) by web3h.yandex.ru (Yandex) with ESMTP id 1C9C672810D3; Fri, 28 Aug 2015 08:12:54 +0300 (MSK) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ipfw.ru; s=mail; t=1440738774; bh=C6pifMtn+fFlhyEIE6dUC4SYuOXbR5tooet8oAZHWK0=; h=From:To:In-Reply-To:References:Subject:Date; b=nAbSd7YefGX7oqs70VlycTm852Kue9WQeAFQ4Vu7jUVChcl1vmm67ogLqW8dGltfL hfZGhICfcUqicro+mtDVzyo7Y5rNRkV03b2Pi4aVk12J1kYVQf2YXQjmm2ejX3O1hx nylFTZvnOcKmyrTVux9uIMvLUHlMl6qjVUvDc3mA= Received: by web3h.yandex.ru with HTTP; Fri, 28 Aug 2015 08:12:53 +0300 From: Alexander V. Chernikov To: Chris H , FreeBSD CURRENT In-Reply-To: References: null Subject: Re: Why does netstat not work in jails? MIME-Version: 1.0 Message-Id: <1043401440738773@web3h.yandex.ru> X-Mailer: Yamail [ http://yandex.ru ] 5.0 Date: Fri, 28 Aug 2015 08:12:53 +0300 Content-Transfer-Encoding: 7bit Content-Type: text/plain X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 28 Aug 2015 05:13:07 -0000 28.08.2015, 04:56, "Chris H" : > I've been attempting to run jails on an 11-CURRENT > for the purpose of building world/kernel && ports > for all of our 9-STABLE production servers. I'm using > standard/classic jail setup(s) -- not using any > of the "convenience" ports/applications that abstract > the process in any way. > While everything seemed to go as intended/anticipated, > I'm seeing things I *didn't* expect. > The host network get's it's "public" IP from the router > in front of it. From the router, I insure that it is > allocated the same non-public IP everytime. So DHCP > assigns it 192.168.0.100. I assigned the jail 192.168.0.103. > SSHD is started within the jail, root IS allowed login. > But any attempt to ssh to 192.168.0.103 from the host, > returns: > ssh_exchange_identification: Connection closed by remote host. > > SSHD id NOT running on the host. > > inetd_flags="-wW -a 192.168.0.100" and syslogd_flags="-ss" > is set on the host via rc.conf > > second issue; loging into the jail, via jexex. If I perform: > netstat -nr > The following is returned: > netstat: kvm not available: /dev/mem: No such file or directory > Routing tables > rt_tables: symbol not in namelist > > Any thought's jump out at anyone? Direct kvm interface was removed from head a year ago. What you can do is recompiling netstat binary from 9 with NewTree variable defined to 1 and see if this helps. Output will look a bit different, but you'll be able to see routing tables from jail. https://svnweb.freebsd.org/base/stable/9/usr.bin/netstat/route.c?revision=242025&view=markup#l122 Another option is merging r261207 and r263335. > > Thanks! > > --Chris > > -- > > _______________________________________________ > freebsd-current@freebsd.org mailing list > https://lists.freebsd.org/mailman/listinfo/freebsd-current > To unsubscribe, send any mail to "freebsd-current-unsubscribe@freebsd.org"