From: Joe
Date: Wed, 29 May 2013 08:40:35 -0400
To: Mogamat Abrahams
Cc: freebsd-jail@freebsd.org
Subject: Re: Cant reach Jailed services from internet.

Mogamat Abrahams wrote:
> The plot thickens!
>
> Running tcpdump on the host, I can see that the packets are received at the
> host on the ip address. Netstat on the host and jail also show services
> listening on those addresses on the correct ports.
> But for some reason the jails are not responding to the packets....... and
> tcpdump does not work inside jails. Are there any other tools that can be used
> to diagnose this?
>
> Compiling a kernel with VIMAGE in the meantime, just in case...
>

Do you have a gateway_enable="YES" statement in the host's rc.conf?

Is the jail's /etc/resolv.conf populated with the correct info?

You said "Netstat on the host and jail also show services listening on those addresses on the correct ports."

If what you mean is the host has processes listening on the SAME ip address / ports as the jails are listening on, then your jails will never get any unsolicited traffic because the host always gets access to that traffic first and processes it without the jail ever knowing about it.
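The overlap described in the message above can be checked by comparing the listener lists of the host and the jail. The following is an added example, not part of the original message or of any FreeBSD tool: it assumes `sockstat -4 -l` style text captured separately for host-owned and jail-owned sockets, uses constructed sample data, and the function names are hypothetical. Beyond the exact same-address case, it also lists host wildcard (`*`) listeners on the same port as candidates to review.

```python
# Added example: find host listeners that overlap a jail's listeners.
# Assumed input: `sockstat -4 -l` text; both samples below are constructed.

HOST_SOCKSTAT = """\
USER     COMMAND    PID   FD PROTO  LOCAL ADDRESS         FOREIGN ADDRESS
root     sshd       812   4  tcp4   *:22                  *:*
www      httpd      1033  3  tcp4   192.0.2.10:80         *:*
root     sendmail   901   5  tcp4   127.0.0.1:25          *:*
"""

JAIL_SOCKSTAT = """\
USER     COMMAND    PID   FD PROTO  LOCAL ADDRESS         FOREIGN ADDRESS
www      nginx      2210  6  tcp4   192.0.2.10:80         *:*
root     sshd       2188  4  tcp4   192.0.2.10:22         *:*
"""

def parse_listeners(text):
    """Return (proto, addr, port, command, pid) tuples from sockstat -l text."""
    out = []
    for line in text.splitlines():
        f = line.split()
        if len(f) < 7 or f[0] == "USER":   # skip header and short lines
            continue
        addr, _, port = f[5].rpartition(":")
        out.append((f[4], addr, port, f[1], f[2]))
    return out

def find_overlaps(host_text, jail_text):
    """Report host listeners on the same proto/port as a jail listener."""
    host = parse_listeners(host_text)
    findings = []
    for jproto, jaddr, jport, jcmd, _jpid in parse_listeners(jail_text):
        for hproto, haddr, hport, hcmd, _hpid in host:
            if (hproto, hport) != (jproto, jport):
                continue
            if haddr == jaddr:
                kind = "same-address"      # the case described in the message
            elif haddr == "*":
                kind = "host-wildcard"     # wildcard bind covers the jail IP too
            else:
                continue
            findings.append((kind, jproto, f"{jaddr}:{jport}", hcmd, jcmd))
    return findings

if __name__ == "__main__":
    for finding in find_overlaps(HOST_SOCKSTAT, JAIL_SOCKSTAT):
        print(*finding)
```

Any finding is a reason to bind the host service to a host-only address before testing the jail again.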