Why does netstat not work in jails?
Chris H
bsd-lists at bsdforge.com
Fri Aug 28 05:33:04 UTC 2015
On Fri, 28 Aug 2015 08:12:53 +0300 "Alexander V. Chernikov" <melifaro at ipfw.ru>
wrote
> 28.08.2015, 04:56, "Chris H" <bsd-lists at bsdforge.com>:
> > I've been attempting to run jails on an 11-CURRENT
> > for the purpose of building world/kernel && ports
> > for all of our 9-STABLE production servers. I'm using
> > standard/classic jail setup(s) -- not using any
> > of the "convenience" ports/applications that abstract
> > the process in any way.
> > While everything seemed to go as intended/anticipated,
> > I'm seeing things I *didn't* expect.
> > The host network get's it's "public" IP from the router
> > in front of it. From the router, I insure that it is
> > allocated the same non-public IP everytime. So DHCP
> > assigns it 192.168.0.100. I assigned the jail 192.168.0.103.
> > SSHD is started within the jail, root IS allowed login.
> > But any attempt to ssh to 192.168.0.103 from the host,
> > returns:
> > ssh_exchange_identification: Connection closed by remote host.
> >
> > SSHD id NOT running on the host.
> >
> > inetd_flags="-wW -a 192.168.0.100" and syslogd_flags="-ss"
> > is set on the host via rc.conf
> >
> > second issue; loging into the jail, via jexex. If I perform:
> > netstat -nr
> > The following is returned:
> > netstat: kvm not available: /dev/mem: No such file or directory
> > Routing tables
> > rt_tables: symbol not in namelist
> >
> > Any thought's jump out at anyone?
> Direct kvm interface was removed from head a year ago.
> What you can do is recompiling netstat binary from 9 with NewTree variable
> defined to 1 and see if this helps. Output will look a bit different, but
> you'll be able to see routing tables from jail.
> https://svnweb.freebsd.org/base/stable/9/usr.bin/netstat/route.c?revision=242
> 025&view=markup#l122
>
> Another option is merging r261207 and r263335.
Perfect! That explains it.
Thank you, Alexander!
--Chris
--
More information about the freebsd-current
mailing list