Cant reach Jailed services from internet.
Joe
fbsd8 at a1poweruser.com
Wed May 29 12:40:38 UTC 2013
Mogamat Abrahams wrote:
> The plot thickens!
>
> Running tcpdump on the host, I can see that the packets are received at the
> host on the ip address. Netstat on the host and jail also show services
> listening on those addresses on the correct ports.
> But for some reason the jails are not responding to the packets....... and
> tcpdump does not work inside jails. Are their any other tools that can be used
> to diagnose this?
>
> Compiling a kernel a VIMAGE in the meantime, just in case...
>
Do you have gateway_enable="YES" statement in the host's rc.conf?
Is the jails /etc/resolv.conf populated with the correct info?
You said "Netstat on the host and jail also show services
listening on those addresses on the correct ports."
If what you mean is the host has processes listening on the SAME
ip address / ports as the jails are listening on, then your jails
will never get any unsolicited traffic because the host always gets
access to that traffic first and processes it without the jail ever
knowing about it.
More information about the freebsd-jail
mailing list