Jails, IPs and identd

Redd Vinylene reddvinylene at gmail.com
Tue Aug 5 17:48:08 UTC 2008 

On Tue, Aug 5, 2008 at 6:02 PM,  <doug at safeport.com> wrote:
> ah - above my pay grade.
>
> On Tue, 5 Aug 2008, Redd Vinylene wrote:
>
>> Yeah but I'm using Bjoern Zeeb's multiple IP patch...
>>
>> On Tue, Aug 5, 2008 at 4:43 PM, doug <doug at fledge.watson.org> wrote:
>>>
>>>
>>> On Tue, 5 Aug 2008, Redd Vinylene wrote:
>>>
>>>> Hello!
>>>>
>>>> I have a jail with multiple IPs. It runs identd, however it only works
>>>> from the jail's main IP:
>>>>
>>>> auth stream tcp nowait root internal auth -r -f -n -o UNKNOWN -t 30
>>>>
>>>> How do I make it work from absolutely all IPs?
>>>>
>>>> Perhaps: auth stream tcp nowait root internal auth -r -f -n -o UNKNOWN
>>>> -t 30 -a <insert hundreds of ips here>?
>>>>
>>>> Thank you all!
>>>>
>>>> # man identd
>>>>
>>>>   -a      Specify one specific IP address to bind to.  Alternatively, a
>>>>           hostname can be specified, in which case the IPv4 or IPv6
>>>> address
>>>>           which corresponds to that hostname is used.  Usually a
>>>> hostname
>>>>           is specified when inetd is run inside a jail(8), in which case
>>>>           the hostname corresponds to that of the jail(8) environment.
>>>>
>>>>           When the hostname specification is used and both IPv4 and IPv6
>>>>           bindings are desired, one entry with the appropriate protocol
>>>>           type for each binding is required for each service in
>>>>           /etc/inetd.conf.  For example, a TCP-based service would need
>>>> two
>>>>           entries, one using ``tcp4'' for the protocol and the other
>>>> using
>>>>           ``tcp6''.  See the explanation of the /etc/inetd.conf protocol
>>>>           field below.
>>>>
>>> It is my understanding you get one IP/jail and that multiple IPs are a
>>> work
>>> in progress. See
>>>
>>> http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/jails-intro.html
>>>
>>> A jail is characterized by four elements:
>>>  :
>>> * An IP address -- this will be assigned to the jail and cannot be
>>> changed
>>> in
>>>  any way during the jail's life span. The IP address of a jail is usually
>>> an
>>>  alias address for an existing network interface, but this is not
>>> strictly
>>>  necessary.
>>>
>>>
>>>
>>
>>
>>
>> --
>> http://www.home.no/reddvinylene
>>
>
> _____
> Douglas Denault
> http://www.safeport.com
> doug at safeport.com
> Voice: 301-469-8766
>  Fax: 301-469-0601
>

heheh.. no worries. i think im better off asking this on the
freebsd-jails mailinglist anyhow. have a great day!

-- 
http://www.home.no/reddvinylene

More information about the freebsd-questions mailing list