From owner-freebsd-current@freebsd.org Fri Aug 28 05:33:04 2015 Return-Path: Delivered-To: freebsd-current@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id AB9019C38A7 for ; Fri, 28 Aug 2015 05:33:04 +0000 (UTC) (envelope-from bsd-lists@bsdforge.com) Received: from udns.ultimatedns.net (ultimatedns.net [209.180.214.225]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id A1DE47D5 for ; Fri, 28 Aug 2015 05:33:02 +0000 (UTC) (envelope-from bsd-lists@bsdforge.com) Received: from ultimatedns.net (localhost [127.0.0.1]) by udns.ultimatedns.net (8.14.9/8.14.9) with ESMTP id t7S5VlG8059828 for ; Thu, 27 Aug 2015 22:31:53 -0700 (PDT) (envelope-from bsd-lists@bsdforge.com) To: In-Reply-To: <1043401440738773@web3h.yandex.ru> References: null , <1043401440738773@web3h.yandex.ru> From: "Chris H" Subject: Re: Why does netstat not work in jails? Date: Thu, 27 Aug 2015 22:31:53 -0700 Content-Type: text/plain; charset=UTF-8; format=fixed MIME-Version: 1.0 Message-id: <3f5c0eb3e833b3f8433074db7c6d01bd@ultimatedns.net> Content-Transfer-Encoding: 8bit X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 28 Aug 2015 05:33:04 -0000 On Fri, 28 Aug 2015 08:12:53 +0300 "Alexander V. Chernikov" wrote > 28.08.2015, 04:56, "Chris H" : > > I've been attempting to run jails on an 11-CURRENT > > for the purpose of building world/kernel && ports > > for all of our 9-STABLE production servers. I'm using > > standard/classic jail setup(s) -- not using any > > of the "convenience" ports/applications that abstract > > the process in any way. > > While everything seemed to go as intended/anticipated, > > I'm seeing things I *didn't* expect. > > The host network get's it's "public" IP from the router > > in front of it. From the router, I insure that it is > > allocated the same non-public IP everytime. So DHCP > > assigns it 192.168.0.100. I assigned the jail 192.168.0.103. > > SSHD is started within the jail, root IS allowed login. > > But any attempt to ssh to 192.168.0.103 from the host, > > returns: > > ssh_exchange_identification: Connection closed by remote host. > > > > SSHD id NOT running on the host. > > > > inetd_flags="-wW -a 192.168.0.100" and syslogd_flags="-ss" > > is set on the host via rc.conf > > > > second issue; loging into the jail, via jexex. If I perform: > > netstat -nr > > The following is returned: > > netstat: kvm not available: /dev/mem: No such file or directory > > Routing tables > > rt_tables: symbol not in namelist > > > > Any thought's jump out at anyone? > Direct kvm interface was removed from head a year ago. > What you can do is recompiling netstat binary from 9 with NewTree variable > defined to 1 and see if this helps. Output will look a bit different, but > you'll be able to see routing tables from jail. > https://svnweb.freebsd.org/base/stable/9/usr.bin/netstat/route.c?revision=242 > 025&view=markup#l122 > > Another option is merging r261207 and r263335. Perfect! That explains it. Thank you, Alexander! --Chris --