how to determine primary (source) IP address in jail
BulkMailForRudy
crapsh at monkeybrains.net
Thu Feb 28 20:06:08 UTC 2019
One way to fix the problem is to use VNET in your jails and you will
get a lo0 with 127.0.0.1 inside the jail.
Rudy
On 2/28/19 2:58 AM, Miroslav Lachman wrote:
> Is there some easy way to determine the primary (source) address which
> is used in jail with multiple IP addresses?
>
> I came to this problem with running local_unbound in jail. Unbound
> refuses queries originating in this jail because the do not come from
> real 127.0.0.1 (which is the only one allowed by default). Unbound in
> jail see requests come from jails IP. It is easy to determine (in
> shell script) if jail has only one IP.
> But what in case where jail has multiple IPs? Is there some sysctl or
> some call to ifconfig or any other util to get the IP which will be
> used as source address for queries on local services in jail?
>
> I know I can allow all IPs of jail in
> access-control: a.b.c.d/32 allow
> access-control: e.f.g.h/32 allow
>
> I am just curios if there is some way to get "primary" IP in jail
> without calling anything from the host environment.
>
> Kind regards
> Miroslav Lachman
> _______________________________________________
> freebsd-jail at freebsd.org mailing list
> https://lists.freebsd.org/mailman/listinfo/freebsd-jail
> To unsubscribe, send any mail to "freebsd-jail-unsubscribe at freebsd.org"
>
More information about the freebsd-jail
mailing list