Ping from jail not permitted error
m.seaman at infracaninophile.co.uk
Sun Apr 18 08:19:42 UTC 2010
-----BEGIN PGP SIGNED MESSAGE-----
On 18/04/2010 04:32:26, Aiza wrote:
> kurt seel wrote:
>> Aiza wrote:
>>> My jail has public internet access because i can do pkg_add -r
>>> unix2dos and the package does install. But when I enter ping -c 2
>>> freebsd.org I get message "ping: socket: Operation not permitted"
>>> There is no firewall running in the jail.
>>> Any ideas would be helpful.
>> ICMP is disallowed by defaut for jails, see the sysctl :
>> There are good reasons for this default, so if you test remember to
>> set it
>> back when you are done.
>> Also, on a point of style, jails in their current form (see VIMAGE)
>> do not get a network stack of their own so they don't have a firewall but
>> share the hosts' network and firewall, etc.
> I don't have man vimage. Is this part of Freebsd?
It's in 8.0 and above -- VIMAGE is a kernel configuration option.
It's a work in progress. See:
Dr Matthew J Seaman MA, D.Phil. 7 Priory Courtyard
PGP: http://www.infracaninophile.co.uk/pgpkey Ramsgate
Kent, CT11 9PW
-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.14 (Darwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
-----END PGP SIGNATURE-----
More information about the freebsd-questions