jail addresses and default bindings
phoemix at harmless.hu
Sat Dec 16 01:40:08 PST 2006
today i've meet a behaviour, that can be an issue.
i have an lo1 interface with 7 jail addresses
as 192.168.0.0/24, where jails have addresses
from .1-.7 and there is an address for the host
system, that's .14
whenever i try to connect to a port of a jail from the
host system, the kernel automaticly assigns the
jail's IP address as the source address to the socket.
I'd assume that this is not a so welcomed behaviour, because
this way it's hard to distingvish in a packet filter(let's say pf),
among connections originating from within the jail itself or
from the host system to the jail.
my question is, are there any work in progress around this?
if it's going to be reviewed/fixed/etc, when will it going to
happen, and into which stable/release branch is it planned?
mailto: gergely.czuczy at harmless.hu
Weenies test. Geniuses solve problems that arise.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 1137 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/freebsd-net/attachments/20061216/15adb1b7/attachment.pgp
More information about the freebsd-net