bind() on 127.0.0.1 in jail: bound to the outside address?
Michael Schuh
michael.schuh at gmail.com
Mon Jul 4 11:16:50 GMT 2005
Hello,
in Jails you cannot bound any application to the 127.0.0.1,
you ccan always bound only to the jail-ip.
If you setup sshd in jail (or an other way to get a shell in this jail) so
you can make the ifconfig -a so that you can see you have only the outbound
address 192.168.1.1 ( the jail-ip) to bind services to that address.
jou can not have more then one 127.0.0.1, because this address is
viewable in the Host
enviroment, but you can try to setting up 127.0.0.2 as second
ipdadress of the lo-device
and get these the jail, but you loose then the other ip ( i think, be not sure).
try to set the second ip-address in rc.conf of the jail.
best regards
michael
More information about the freebsd-security
mailing list