jail.conf ignoring exec.fib?
fbsd8 at a1poweruser.com
Sat Aug 17 12:56:38 UTC 2013
Karl Pielorz wrote:
> --On 14 August 2013 08:58 -0400 Fbsd8 <fbsd8 at a1poweruser.com> wrote:
>> The jail(8) man page lacks details about how to use exec.fib.
>> It requires either a new kernel (with "options ROUTETABLES=2" or however
>> many you want), or a boot-time setting with "net.fibs=2" in
>> /boot/loader.conf (requiring a reboot).
> Yup, done that :)
>> setfib 1 route add default 188.8.131.52
>> creates routing table number 1 with that IP address.
>> In this example exec.fib="1" would be coded.
>> See setfib(8) and setfib(2) for details.
> Yeah, I do that as well - but 'netstat -r -n' from within the jail shows
> the systems default routing table.
> As opposed to 'setfib 1 netstat -r -n' (outside the jail) which shows
> fib either has no default gateway, or the one I set (which is right).
> Just within the jail, it only every shows it's using the systems default
> routing table :(
> Fib's work fine outside the jail (i.e. I can show them, set differing
> default gateways) - but no matter what I do, the 'exec.fib=' line in
> jail.conf seems to be ignored, when the jail is run up - it only ever
> sees the default routing table :(
What your describing seems that the netstat command issued from within
the jail is not "JAIL" aware. Develop another way from the host to
verify that jail's 'exec.fib=' parameter is working or not.
More information about the freebsd-questions