Date: Wed, 29 May 2013 08:40:35 -0400 From: Joe <fbsd8@a1poweruser.com> To: Mogamat Abrahams <lists@tabits.co.za> Cc: freebsd-jail@freebsd.org Subject: Re: Cant reach Jailed services from internet. Message-ID: <51A5F743.7080307@a1poweruser.com> In-Reply-To: <loom.20130529T091557-794@post.gmane.org> References: <loom.20130527T091739-282@post.gmane.org> <cc5f425486d0fc06e1ddc0a8cbe300ad@nanogene.org> <loom.20130527T215634-190@post.gmane.org> <20130528145629.X55451@sola.nimnet.asn.au> <20130528080719.GA11195@eik.bme.hu> <loom.20130528T180339-694@post.gmane.org> <loom.20130529T091557-794@post.gmane.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Mogamat Abrahams wrote: > The plot thickens! > > Running tcpdump on the host, I can see that the packets are received at the > host on the ip address. Netstat on the host and jail also show services > listening on those addresses on the correct ports. > But for some reason the jails are not responding to the packets....... and > tcpdump does not work inside jails. Are their any other tools that can be used > to diagnose this? > > Compiling a kernel a VIMAGE in the meantime, just in case... > Do you have gateway_enable="YES" statement in the host's rc.conf? Is the jails /etc/resolv.conf populated with the correct info? You said "Netstat on the host and jail also show services listening on those addresses on the correct ports." If what you mean is the host has processes listening on the SAME ip address / ports as the jails are listening on, then your jails will never get any unsolicited traffic because the host always gets access to that traffic first and processes it without the jail ever knowing about it.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?51A5F743.7080307>