From owner-freebsd-questions@FreeBSD.ORG Wed Oct 5 04:09:43 2005 Return-Path: X-Original-To: freebsd-questions@freebsd.org Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 69F2B16A420 for ; Wed, 5 Oct 2005 04:09:43 +0000 (GMT) (envelope-from espartano.list@gmail.com) Received: from xproxy.gmail.com (xproxy.gmail.com [66.249.82.196]) by mx1.FreeBSD.org (Postfix) with ESMTP id C0F8A43D46 for ; Wed, 5 Oct 2005 04:09:42 +0000 (GMT) (envelope-from espartano.list@gmail.com) Received: by xproxy.gmail.com with SMTP id t5so48550wxc for ; Tue, 04 Oct 2005 21:09:42 -0700 (PDT) DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com; h=received:message-id:date:from:reply-to:to:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=fxF4wpa6B+clLm2D3s32J8FqvjVTsgoFCOhYlpgZlc6uk+KBWwnlRrD+yBjhJZ9X7Ee0EloPEmQGImSLyFJ51ZfNljRo7txmkN+mAMnuoaNXobdi/ctYZzSwGSUyfuB4Ju3450dQnUiaPwKviNjayacwI2+v68rLOun+7OjnUbI= Received: by 10.70.113.11 with SMTP id l11mr226072wxc; Tue, 04 Oct 2005 21:09:42 -0700 (PDT) Received: by 10.70.125.20 with HTTP; Tue, 4 Oct 2005 21:09:42 -0700 (PDT) Message-ID: <9385b1fc0510042109r5776c27cy@mail.gmail.com> Date: Tue, 4 Oct 2005 23:09:42 -0500 From: Tyler T To: freebsd-questions@freebsd.org In-Reply-To: <9385b1fc0510041611r1d425adp@mail.gmail.com> MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable Content-Disposition: inline References: <9385b1fc0510041611r1d425adp@mail.gmail.com> Subject: Re: problem with ssh connetions in jail X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: Tyler T List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 05 Oct 2005 04:09:43 -0000 > hi people first sorry for my english. > > i have a pc with only one etternet card connected to a router > (172.16.0.1) which provide both internet connection and dhcp service, > in this machine i have configured a jail virtual server, the ip of the > real server is 172.16.1.36/16 and i have made a ip alias for the jail > virtual server which is 172.16.1.100/32, i want that the virtual > server respond all incoming connections from internet, i have > configured natd with next option in /etc/rc.natd: > > redirect_port tcp 172.16.1.100:22 22 > > > in /etc/firewall.rules: > > add divert natd all from any to any via rl0 > > > in /etc/rc.conf: > > natd_enable=3D"YES" > natd_interface=3D"rl0" > natd_flags=3D"-l -f /etc/rc.natd" > > firewall_enable=3D"YES" > firewall_type=3D"/etc/firewall.rules" > firewall_script=3D"/etc/rc.firewall" > > in the sshd of jail: > > KeepAlive yes > UseDNS no > > my firewall is IPFW2, the configuration works well however often the > conections is reset, i don't know what happen > > a scheme of my lan: > > 172.16.0.1/16 > real ip 172.16.1.36/16 > > INTERNET----------modem/router------------------------- PC with run jail > > > alias ip 172.16.1.100/32 > > > any help is thank in avantage. > the solution: in /etc/ssh/sshd_config add following line: VerifyReverseMapping no thanks for all :)