Configuring network without ezjail

Sami Halabi sodynet1 at gmail.com
Sun Dec 13 07:51:00 UTC 2015 

hi,
I think you need to configure the ip in the host first kater it'll be seen
in the jail.

using rf 1918 addreses means you need NAT  in your router to have  access
the internet.
rather than that using the term 'routing' is incorrecg unless you have
multiple hops to get the packets to the router.

Sami
בתאריך 13 בדצמ׳ 2015 6:45 AM,‏ "marcel" <marcel.plouf at gmail.com> כתב:

>
>
> On 12/12/2015 02:59, Michael B. Eichorn wrote:
> > On Fri, 2015-12-11 at 21:44 -0500, Michael B. Eichorn wrote:
> >> On Sat, 2015-12-12 at 02:08 +0000, marcel wrote:
> >>> ... and I think I have enabling gateway, I wrote thins in both of
> >>> my
> >>> rc.conf (jail and host):
> >>>
> >>> gateway_enable="YES"
> >>>
> >>> Is it correct ?
> >> You only need gateway_enable if you are doing routing, it is not
> >> necessary for a typical jail setup. Most of the time you are just
> >> adding an alias to the host's nic.
> OK so if I want to my jail can access to internet I have to do routing,
> right ?
> >>> But I don't think I have DNS problems, my host correctly access to
> >>> the
> >>> internet and the resolv.conf of my jail and my host are same...
> >>>
> >>> On 12/12/2015 01:50, marcel wrote:
> >>>> No I don't get to have an IP address... Yet I have writed this in
> >>>> my
> >>>> host's rc.conf:
> >>>>
> >>>> jail_enable="YES"
> >>>> jail_list="thename"
> >>>> jail_guantanamo_rootdir="thepath"
> >>>> jail_guantanamo_hostname="thename"
> >>>> jail_guantanamo_ip="192.168.0.12"
> >>>>
> >>>> and I use the command:
> >>>>
> >>>> jail thepath thename 192.168.0.12 /bin/csh
> >>>>
> >>>> to connect to my jail...
> >>>>
> >>>> On 11/12/2015 23:31, Dirk Engling wrote:
> >>>>> On 12.12.15 01:19, marcel wrote:
> >>>>>
> >>>>>> I would like to know if it is possible to configure a jail's
> >>>>>> network for
> >>>>>> accessing to the World Wide Web but without ezjail ?
> >>>>>> I have created my jail without ezjail (mkdir jail, make
> >>>>>> installworld,
> >>>>>> etc...) and I would like to continue without it if it's
> >>>>>> possible...
> >>>>> Sure, why doesn't it connect to the net? Does it have a RFC1918
> >>>>> IP? If
> >>>>> so, you need to enable NAT. If not, did you enable gatewaying?
> >>>>> Maybe you
> >>>>> just have DNS problems, so is your resolv.conf set up properly?
> >>>>>
> >>>>> Without knowing what exactly is not working, I can not help
> >>>>> you.
> >>>>>
> >>>>>   erdgeist
> >> I think you found some old instructions, assuming a 10.x system here
> >> is
> >> the boilerplate for a typical jail:
> >>
> >> rc.conf:
> >>
> >>   jail_enable="YES"
> >>
> >> jail.conf:
> >>
> >>   interface = re0;
> >>   mount.devfs;
> >>   exec.start = "/bin/sh /etc/rc";
> >>   exec.stop = "/bin/sh /etc/rc.shutdown";
> >>
> >>   thenameofthejail {
> >>         host.hostname = host.domain.tld;
> >>      path = /the/path/to/the/jail
> >>         ip4.addr = 192.168.0.12;
> >>   }
> >>
> >> and start it up with
> >>
> >> # jail -c thenameofthejail
> >>
> >> And another handy tip you can avoid building a jail with make by
> >> extacting the base.txz file found in places like the install media
> >> into
> >> the jail directory
> OK, so my jail.conf look like your jail.conf and when I type jls my jail
> have the IP 192.168.0.12 but when I type ifconfig in my jail I have no
> ip...
> > Oh and before I forget, the trickiest thing for me moving from ezjail
> > to jail was updating. Assuming your jails are complete base systems and
> > that you would like to use binary updates with freebsd-update, and you
> > have completely sparated jails without any funny tricks to save space,
> > here is Ike's simple jail update guide:
> >
> > edit the jail's freebsd-update.conf and change
> >
> > Components src world kernel
> > -to-
> > Components world
> >
> > then run freebsd-update like so:
> >
> > # freebsd-update -b /usr/jails/jaildir \
> >       -f usr/jails/jaildir/etc/freebsd-update.conf \
> >       -d /usr/jails/jaildir/var/db/freebsd-update fetch
> > # freebsd-update -b /usr/jails/jaildir \
> >       -f /usr/jails/jaildir/etc/freebsd-update.conf \
> >       -d /usr/jails/jaildir/var/db/freebsd-update install
> >
> > Using the -f flag keeps the jail from using the host config since jails
> > cannot update kernels anyway. And -d keeps jails and hosts from
> > trampling each other which is nice if you want to do more than one at a
> > time, or if you use freebsd-update cron.
> Thanks for tip !
> _______________________________________________
> freebsd-jail at freebsd.org mailing list
> https://lists.freebsd.org/mailman/listinfo/freebsd-jail
> To unsubscribe, send any mail to "freebsd-jail-unsubscribe at freebsd.org"
>

More information about the freebsd-jail mailing list