Date: Sun, 13 Dec 2015 19:02:37 +0000 From: marcel <marcel.plouf@gmail.com> To: Sami Halabi <sodynet1@gmail.com> Cc: freebsd-jail@freebsd.org, Dirk Engling <erdgeist@erdgeist.org>, "Michael B. Eichorn" <ike@michaeleichorn.com> Subject: Re: Configuring network without ezjail Message-ID: <566DC0CD.7060502@gmail.com> In-Reply-To: <CAEW%2BogYQhYpKDR82Bzs1gHKwuXSJKH1sh5PTKZwBZFLRY%2BfMzw@mail.gmail.com> References: <566B67F7.1090404@gmail.com> <566B5CB6.8050009@erdgeist.org> <566B7D7E.2070507@gmail.com> <566B8183.3080306@gmail.com> <1449888253.23602.14.camel@michaeleichorn.com> <1449889151.23602.24.camel@michaeleichorn.com> <566D05DD.9080201@gmail.com> <CAEW%2BogYQhYpKDR82Bzs1gHKwuXSJKH1sh5PTKZwBZFLRY%2BfMzw@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On 13/12/2015 07:50, Sami Halabi wrote:
>
> hi,
> I think you need to configure the ip in the host first kater it'll be
> seen in the jail.
>
> using rf 1918 addreses means you need NAT in your router to have
> access the internet.
> rather than that using the term 'routing' is incorrecg unless you have
> multiple hops to get the packets to the router.
>
> Sami
>
The IP on the host works perfectly, internet access too...
But anyway the remote machine on which the jail is on has suddently
shutdown and I can't turn on for the moment so subject is closed...
Thanks for your help !
>
> בתאריך 13 בדצמ׳ 2015 6:45 AM, "marcel" <marcel.plouf@gmail.com
> <mailto:marcel.plouf@gmail.com>> כתב:
>
>
>
> On 12/12/2015 02:59, Michael B. Eichorn wrote:
> > On Fri, 2015-12-11 at 21:44 -0500, Michael B. Eichorn wrote:
> >> On Sat, 2015-12-12 at 02:08 +0000, marcel wrote:
> >>> ... and I think I have enabling gateway, I wrote thins in both of
> >>> my
> >>> rc.conf (jail and host):
> >>>
> >>> gateway_enable="YES"
> >>>
> >>> Is it correct ?
> >> You only need gateway_enable if you are doing routing, it is not
> >> necessary for a typical jail setup. Most of the time you are just
> >> adding an alias to the host's nic.
> OK so if I want to my jail can access to internet I have to do
> routing,
> right ?
> >>> But I don't think I have DNS problems, my host correctly access to
> >>> the
> >>> internet and the resolv.conf of my jail and my host are same...
> >>>
> >>> On 12/12/2015 01:50, marcel wrote:
> >>>> No I don't get to have an IP address... Yet I have writed this in
> >>>> my
> >>>> host's rc.conf:
> >>>>
> >>>> jail_enable="YES"
> >>>> jail_list="thename"
> >>>> jail_guantanamo_rootdir="thepath"
> >>>> jail_guantanamo_hostname="thename"
> >>>> jail_guantanamo_ip="192.168.0.12"
> >>>>
> >>>> and I use the command:
> >>>>
> >>>> jail thepath thename 192.168.0.12 /bin/csh
> >>>>
> >>>> to connect to my jail...
> >>>>
> >>>> On 11/12/2015 23:31, Dirk Engling wrote:
> >>>>> On 12.12.15 01:19, marcel wrote:
> >>>>>
> >>>>>> I would like to know if it is possible to configure a jail's
> >>>>>> network for
> >>>>>> accessing to the World Wide Web but without ezjail ?
> >>>>>> I have created my jail without ezjail (mkdir jail, make
> >>>>>> installworld,
> >>>>>> etc...) and I would like to continue without it if it's
> >>>>>> possible...
> >>>>> Sure, why doesn't it connect to the net? Does it have a RFC1918
> >>>>> IP? If
> >>>>> so, you need to enable NAT. If not, did you enable gatewaying?
> >>>>> Maybe you
> >>>>> just have DNS problems, so is your resolv.conf set up properly?
> >>>>>
> >>>>> Without knowing what exactly is not working, I can not help
> >>>>> you.
> >>>>>
> >>>>> erdgeist
> >> I think you found some old instructions, assuming a 10.x system
> here
> >> is
> >> the boilerplate for a typical jail:
> >>
> >> rc.conf:
> >>
> >> jail_enable="YES"
> >>
> >> jail.conf:
> >>
> >> interface = re0;
> >> mount.devfs;
> >> exec.start = "/bin/sh /etc/rc";
> >> exec.stop = "/bin/sh /etc/rc.shutdown";
> >>
> >> thenameofthejail {
> >> host.hostname = host.domain.tld;
> >> path = /the/path/to/the/jail
> >> ip4.addr = 192.168.0.12;
> >> }
> >>
> >> and start it up with
> >>
> >> # jail -c thenameofthejail
> >>
> >> And another handy tip you can avoid building a jail with make by
> >> extacting the base.txz file found in places like the install media
> >> into
> >> the jail directory
> OK, so my jail.conf look like your jail.conf and when I type jls
> my jail
> have the IP 192.168.0.12 but when I type ifconfig in my jail I
> have no ip...
> > Oh and before I forget, the trickiest thing for me moving from
> ezjail
> > to jail was updating. Assuming your jails are complete base
> systems and
> > that you would like to use binary updates with freebsd-update,
> and you
> > have completely sparated jails without any funny tricks to save
> space,
> > here is Ike's simple jail update guide:
> >
> > edit the jail's freebsd-update.conf and change
> >
> > Components src world kernel
> > -to-
> > Components world
> >
> > then run freebsd-update like so:
> >
> > # freebsd-update -b /usr/jails/jaildir \
> > -f usr/jails/jaildir/etc/freebsd-update.conf \
> > -d /usr/jails/jaildir/var/db/freebsd-update fetch
> > # freebsd-update -b /usr/jails/jaildir \
> > -f /usr/jails/jaildir/etc/freebsd-update.conf \
> > -d /usr/jails/jaildir/var/db/freebsd-update install
> >
> > Using the -f flag keeps the jail from using the host config
> since jails
> > cannot update kernels anyway. And -d keeps jails and hosts from
> > trampling each other which is nice if you want to do more than
> one at a
> > time, or if you use freebsd-update cron.
> Thanks for tip !
> _______________________________________________
> freebsd-jail@freebsd.org <mailto:freebsd-jail@freebsd.org> mailing
> list
> https://lists.freebsd.org/mailman/listinfo/freebsd-jail
> To unsubscribe, send any mail to
> "freebsd-jail-unsubscribe@freebsd.org
> <mailto:freebsd-jail-unsubscribe@freebsd.org>"
>
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?566DC0CD.7060502>