Date: Sun, 24 Jul 2022 17:31:58 +0200 From: Kurt Jaeger <pi@freebsd.org> To: James Gritton <jamie@gritton.org> Cc: freebsd-jail@freebsd.org Subject: Re: jail created with ip4=new and ipv4.addr shows ip4=disable on jail -s Message-ID: <Yt1l7sQoF0PXY6oF@fc.opsec.eu> In-Reply-To: <8e1bf678efc18f9d3c4d5ee16df3caa1@gritton.org> References: <Ytvh5CPwgGa02f1q@fc.opsec.eu> <8e1bf678efc18f9d3c4d5ee16df3caa1@gritton.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Hi! > > On a 13.1 box: > > > > The jail is created with: > > > > /usr/sbin/jail -c allow.raw_sockets allow.sysvipc devfs_ruleset=4 > > host.hostname=somehostname path=/somepath ip4=new ip4.addr=<someipv4> > > ip6=new ip6.addr=<someipv6> command=/bin/sh /etc/rc > > But: > > jail -s > > displays: > > [...] ip4=disable ip6=disable > > Is that a bug and if not, why does it behave like that ? > > It's a bug in the reporting. Thanks very much for the explaination! > ip4 is presented as a jailsys parameter with > its values of disable, inherit, and new. jail_get(2) reports such values > based on flags in the prison structure, but ip4 and ip6 are only stored as > a single bit with disable indistinguishable from new. jail_get should be > looking at the number of IP addresses, which is what tells the difference. Interesting! -- pi@FreeBSD.org +49 171 3101372 Now what ?
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Yt1l7sQoF0PXY6oF>