ezjail

Aiza aiza21 at comclark.com
Tue Mar 23 07:26:03 UTC 2010


Aiza wrote:
> Ruben de Groot wrote:
>> On Mon, Mar 22, 2010 at 11:23:54AM +0100, Dhénin Jean-Jacques typed:
>>
>>>>> on the lan gives me no sockets mesg. And ftp from 10.0.10.6 to
>>>>> 10.0.20.30 the ftp jail gives me no connection error.
>>
>>> add
>>>
>>> sysctl security.jail.allow_raw_sockets=1
>>> or in /etc/sysctl.conf
>>> on the host (not in the jail)
>>
>> This will enable him to ping another host from within the jail. It 
>> won't do anything for ftp.
>>
>> OP: what exact error do you get? And does ftp work *within* the jail
>> (ftp localhost)?
> 
> with sysctl security.jail.allow_raw_sockets=1  done on the host. From 
> within the jail did ping -c 2 10.0.10.6 which is a pc on the lan gives 
> me socket: Operation not permitted mesg.
> 
> And ftp from 10.0.10.6 to 10.0.20.30 the ftp jail gives me no connection 
> error.
> 
> Just how am I to determine if ftp works *within* the jail (ftp localhost)?


For the archives. These are the results from the original poster.
My original goal was to test jails on the gateway for access only from 
the LAN users. I wanted a jailed ftp service for LAN users to upload 
and download stuff between themselves. I already have a working LAN 
users ftp setup on the gateway server, so this jail setup is not really 
needed. So it's not a problem of knowing how to set up ftp. My main 
vehicle of jail management was ezjail. I did not play with the native jail 
command. The final outcome is I could not get jails to communicate over 
the private LAN. Seeing as the jail design uses public IP addresses, it's 
little wonder it won't work with private LAN IP addresses. In time jails 
and ezjail will mature and maybe evolve into working with jails with 
private IP addresses. But for now jails don't serve my purposes.


