Jails, IPs and identd
doug
doug at fledge.watson.org
Tue Aug 5 14:55:53 UTC 2008
On Tue, 5 Aug 2008, Redd Vinylene wrote:
> Hello!
>
> I have a jail with multiple IPs. It runs identd, however it only works
> from the jail's main IP:
>
> auth stream tcp nowait root internal auth -r -f -n -o UNKNOWN -t 30
>
> How do I make it work from absolutely all IPs?
>
> Perhaps: auth stream tcp nowait root internal auth -r -f -n -o UNKNOWN
> -t 30 -a <insert hundreds of ips here>?
>
> Thank you all!
>
> # man identd
>
> -a Specify one specific IP address to bind to. Alternatively, a
> hostname can be specified, in which case the IPv4 or IPv6 address
> which corresponds to that hostname is used. Usually a hostname
> is specified when inetd is run inside a jail(8), in which case
> the hostname corresponds to that of the jail(8) environment.
>
> When the hostname specification is used and both IPv4 and IPv6
> bindings are desired, one entry with the appropriate protocol
> type for each binding is required for each service in
> /etc/inetd.conf. For example, a TCP-based service would need two
> entries, one using ``tcp4'' for the protocol and the other using
> ``tcp6''. See the explanation of the /etc/inetd.conf protocol
> field below.
>
It is my understanding you get one IP/jail and that multiple IPs are a work in
progress. See http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/jails-intro.html
A jail is characterized by four elements:
:
* An IP address -- this will be assigned to the jail and cannot be changed in
any way during the jail's life span. The IP address of a jail is usually an
alias address for an existing network interface, but this is not strictly
necessary.
More information about the freebsd-questions
mailing list