How to connect a jail to the web ?

[Brice ERRANDONEA]

> Where did you get that second IP address from?  Did you just
> add it manually?  Or is that the address that your gateway
> (DSL router, whatever) got assigned from your ISP?

I added it manually in rc.conf (on the host) :

hostname="FreeBSD.ici"
ifconfig_rl0="DHCP"
keymap="fr.iso.acc"       (yes, I'm french)
moused_enable="YES"
saver="dragon"
hald_enable="YES"
dbus_enable="YES"
devfs_system_ruleset="localrules"

jail_enable="NO"
jail_list="MaPrison"
jail_interface="rl0"
jail_devfs_ruleset="devfsrules_jail"
jail_devfs_enable="YES"

jail_server_rootdir="/usr/prison"
jail_server_hostname="MaPrison"
jail_server_ip="93.0.168.242"

I choosed it because that's my computer's public ip, at least according to this 
website : http://whatismyipaddress.com/

> I assume that IP address is not really routed to your host,
> but that NAT (Network Address Translation) is used on your
> router.  So you cannot use that address on the host.
> (If that's not true, please exlain the structure of your
> network in more detail.)

My "network" is VERY simple. I've got a modem (or "box") provided by my phone 
company. It's called a "neufbox" and acts as a gateway. The computer with 
FreeBSD is connected to this "box" through an ethernet cable. Two other 
computers are connected to it via wifi.

> So, if my assumptions are true, you must use the address
> 192.168.1.38 for your jail.  Make sure that DNS is working
> inside the jail ...  It should be sufficient to copy
> /etc/resolv.conf from the host to /usr/prison/etc/resolv.conf

OK, I'll try this.

> If it still doesn't work:  Are you using any packet filter
> (ipfw, ipf, pf)?  If so, please show the complete list of
> rules.

No, I don't. I've tried pf but you told it was not necessary.

> Otherwise, it might help to run tcpdump(1) on the host, so
> you can see the actual packets that are transmitted and
> received.

Allright. I try it too.

Good bye for the moment and thanks for your help.

Brice