Date: Wed, 4 Jan 2012 12:09:11 +0100
From: "Andrew Hotlab" <andrew.hotlab@hotmail.com>
To: Eirik Øverby <ltning@anduin.net>
Cc: FreeBSD-Jail <freebsd-jail@freebsd.org>
Subject: Re: jailed process listening on host addresses
Message-ID: <DUB112-DS50E54C879EF4BEF0A7B4C3F6970@phx.gbl>
In-Reply-To: <78A52A88-CE31-4450-BB8D-3D5BC9D20456@anduin.net>
References: <DUB112-DS504AD88D198A4E9DA56ABAF6970@phx.gbl> <78A52A88-CE31-4450-BB8D-3D5BC9D20456@anduin.net>

-----Original Message-----
From: Eirik Øverby
Sent: Wednesday, January 04, 2012 11:35 AM
To: Andrew Hotlab
Cc: FreeBSD-Jail
Subject: Re: jailed process listening on host addresses

> On 4. jan. 2012, at 02:10, "Andrew Hotlab" <andrew.hotlab@hotmail.com> wrote:
>
> > I noticed a strange behavior some days ago, but I can't say how
> > long it has been happening for. Some processes which are running in
> > different jails on the same host seem to be listening on all host IPs.
> >
> > It's happening on several hosts right now (all are running FreeBSD/amd64
> > 8.2-RELEASE-p5), with both UDP and TCP listeners. Any
> > jail is using a single unicast IP address. I really hope to miss
> > something important... or should I guess that these processes are
> > "escaping" from the jails?! :S
>
> Did you try to actually connect to any of those listeners? I see the same
> here, but I cannot actually connect to the ports on anything but the
> jail IP..
>

I've just tried to connect to the TCP port 2049 (the unfsd daemon is running in a jail), and actually I can only telnet to the address assigned to the jail where the daemon is running, even if sockstat(1) tells me that the process is listening on all IP addresses.

Thus the sockstat(1) command might not be able to display correctly the actual sockets used by some jailed processes?! It sounds pretty strange to me... maybe these processes are sharing something with the host because they are using SysV IPC or something else I ignore?

Andrew