Assign Lookback address 127.0.0.1 to jail
s7r at sky-ip.org
s7r at sky-ip.org
Wed Jun 11 01:19:11 UTC 2014
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 6/11/2014 3:28 AM, Allan Jude wrote:
> On 2014-06-10 20:23, s7r at sky-ip.org wrote:
>> On 6/11/2014 3:20 AM, Allan Jude wrote:
>>> On 2014-06-10 20:07, s7r at sky-ip.org wrote:
>>>> Hi,
>>>>
>>>> Operating system is FreeBSD 10.0 64 Bit
>>>>
>>>> I have installed ezjail from ports and properly configured a
>>>> jail with its own static and dedicated IP address. Everything
>>>> works good, it's just that I have an application which
>>>> requires to talk to another one via RPC on IP 127.0.0.1, and
>>>> I have noticed the jail does not have a lo0 interface or
>>>> localhost 127.0.0.1 IP address.
>>>>
>>>> This is bad because the application has no choice but to bind
>>>> to the public IP address assigned to the jail, and it's not
>>>> safe.
>>>>
>>>> How can I add a lo0 interface with IP 127.0.0.1 to a jail?
>>>>
>>>> Thanks in advance.
>>>> _______________________________________________
>>>> freebsd-jail at freebsd.org mailing list
>>>> http://lists.freebsd.org/mailman/listinfo/freebsd-jail To
>>>> unsubscribe, send any mail to
>>>> "freebsd-jail-unsubscribe at freebsd.org"
>>>>
>>
>>> Does it have to be 127.0.0.1? You can add an alias like
>>> 127.0.0.2 to the lo0 interface and use that.
>>
>>> Inside the jail, 127.0.0.1 is mapped to the IP of the jail.
>>
>>> Using ezjail, you can also allocate more than 1 IP address to
>>> a jail by comma separating them
>>
>>> You can also make it automatically alias the IPs for you with
>>> the syntax:
>>
>>> em0|192.168.0.10,lo0|127.0.0.2 etc
>>
>>
>>
>> Thank you Allan for your fast reply.
>>
>> I have the jail already created via: # ezjail-admin create
>> <jailname> <em0|public IP>
>>
>> How do I modify the already existing jail to have 127.0.0.2, for
>> example, or can't I just have 127.0.0.1 in the jail?
>>
>> _______________________________________________
>> freebsd-jail at freebsd.org mailing list
>> http://lists.freebsd.org/mailman/listinfo/freebsd-jail To
>> unsubscribe, send any mail to
>> "freebsd-jail-unsubscribe at freebsd.org"
>>
>
> Stop the jail, and then edit /usr/local/etc/ezjail/jail_name
>
> and change the line that defines the IPs
>
Thank you it works, with 127.0.0.2
If I try to add 127.0.0.1 will this create any conflicts with the host
or will it work? Because i have something important listening on
hosts's 127.0.0.1 and don't want to mess up. I would need the same
configuration within the jail also, so that's why I need the .1
localhost IP.
- --
s7r
PGP Fingerprint: 7C36 9232 5ABD FB0B 3021 03F1 837F A52C 8126 5B11
PGP Pubkey: http://www.sky-ip.org/s7r@sky-ip.org.asc
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.17 (MingW32)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
iQEcBAEBAgAGBQJTl66PAAoJEIN/pSyBJlsR3kQIAMONQ/3FrX9tQBbdJRc7N3eP
a/fIOnBYWZCu7ad0DF2NXfOIzfrQBuKCGhm3CLQmzVGw0k/fdD/Yu/U9/kdjgI/n
A/ZELHZmowQPfao8tK6eSqeOmw6gNzhCth5ILfH0CJvvarjBXUi7ygHhwzB1U97n
sqJzKv8cDAVf67Sd3YbNNa2FoXdM32esEpsjnB8dJEF9ijzv54ovXdREYZhgkibX
IN1XcsfUGLdtZDL14+JXlTOaBDk9WgUuoEcsWeAZtM8VVaTiN/QqYbywf598hxLN
5G3AyyfUrLAq4z2RjnzZ2SGAIqv42CyE4MSf3Sft/fFNRExxiq3xAoWmwaTqRnk=
=3gqI
-----END PGP SIGNATURE-----
More information about the freebsd-jail
mailing list