INADDR_ANY bind in a multiip jail

Sten Spans sten at blinkenlights.nl
Sat Dec 4 18:30:33 PST 2004


On Sat, 4 Dec 2004, Bjoern A. Zeeb wrote:

> On Sat, 4 Dec 2004, Andre Oppermann wrote:
>
>>> i just found a patch from Pawel Jakub Dawidek(mijail5) which do not
> ...
>> Do you have a link?  I'd like to have a look at the code.
>
> http://garage.freebsd.pl/

This code is borken on 5.3, because of mfc's.
There is a somewhat fixed version at:
http://blog.mombe.org/data/systems/mijail5.asis
which seems to function reasonably.
Although the site which hosts it is quite hard
to reach.

I use this patch to run webservers with vrrp redundant
ip's, and apache with multiple ip's ( ssl ) in a jail.
Aka, I have multiple active ips in apache, but not all
of them active on each box which basically means inaddr_any.
And I do have a need for jailing user scripting
( evil suexec-like tricks ).

The inaddr_any need can be "fixed" with ips on loopback,
and some routing or natd tricks. And one could run
a seperate apache for each ip.

-- 
Sten Spans

"There is a crack in everything, that's how the light gets in."
Leonard Cohen - Anthem


More information about the freebsd-net mailing list