Cant reach Jailed services from internet.
Mogamat Abrahams
lists at tabits.co.za
Mon May 27 07:50:09 UTC 2013
Hi,
Got a 9.1 machine with two jails on it. webjail (IP=.79), mailjail(IP=.78).
I can reach the jailed services from the host, reach the jails from each
other, reach the internet from the jails and host, reach the host from the
internet BUT I cannot reach the jails from the internet.
I've used EZJAIL to set these up and assigned a public IP address to the
jails. These IP's are also aliased to the em0 interface of the host(perhaps
this is a problem?). I am assuming that the jails inherit the routing of the
host.
I've seen some posts stating that ports should be forwarded to the jails,
but that would defeat the possibility of running duplicate services in
separate jails on their own ips. Like have 3 WWW servers on one host, each
in its own jail.
Some clues from the bigger brains would be appreciated :-)
M
====================
HOST ifconfig:
em0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
options=4219b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM,TSO4,WOL_MAG
IC,VLAN_HWTSO>
ether 00:30:48:b0:57:9b
inet 67.205.xx.xx netmask 0xffffffe0 broadcast 67.205.74.63
inet 174.xx.xx.76 netmask 0xfffffffc broadcast 174.x.x.79
inet 174.xx.xx.79 netmask 0xfffffffc broadcast 174.x.x.79
inet 174.xx.xx.77 netmask 0xfffffffc broadcast 174.x.x.79
inet 174.xx.xx.78 netmask 0xfffffffc broadcast 174.x.x.79
nd6 options=29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL>
media: Ethernet autoselect (100baseTX <full-duplex>)
status: active
------------
Jail ifconfig:
em0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
options=4219b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM,TSO4,WOL_MAG
IC,VLAN_HWTSO>
ether 00:30:48:b0:57:9b
inet 174.x.x.79 netmask 0xffffffff broadcast 174.x.x.79
media: Ethernet autoselect (100baseTX <full-duplex>)
status: active
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384
options=600003<RXCSUM,TXCSUM,RXCSUM_IPV6,TXCSUM_IPV6>
More information about the freebsd-jail
mailing list