Date: Tue, 29 Dec 2009 00:50:58 +0000 From: Andrew Hotlab <andrew.hotlab@hotmail.com> To: <cryx-freebsd@h3q.com> Cc: freebsd-jail@freebsd.org Subject: RE: ezjail.flavour Message-ID: <BLU138-W11EC95EED3D2C756215300F67A0@phx.gbl>
next in thread | raw e-mail | index | archive | help
--_5f8d28c4-3e76-48c6-98b2-4ea0358f1aa9_
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
Thank you so much Philipp=2C I'll get the CVS version as soon as possible. =
In the meantime
I tried to add support for FIBs to the ports version and (that's incredible=
!) it seems
to function! Excuse my enthusiasm=2C but it's not my job=2C and I really n=
eed multiple
routing table support=2C since I maintain a few host running multiple jails=
in different
IP subnets (and each subnet has a different default gateway). Until now I h=
ave
"manipulated" traffic to/from jails using a couple of simple PF rules=2C bu=
t these
rudimentary patches (see the attachments) finally let me leverage the multi=
ple FIBs
feature on my FreeBSD RELENG_7_2 hosts.
I assume the ROUTETABLES kernel options has been included=2C and I make
ezjail-admin to insert the variable jail_${jailname}_fib to "0" in each new=
jail's
definition file under ${ezjail_prefix}/etc/ezjail/.An administrator has to =
assign
the correct FIB number to this variable=2C and both the scripts ezjail.sh a=
nd
ezjail-admin read its value before starting or creating a console session
for the registered jail.
I can't wait to test all new ezjail features from the current CVS release!
Greetings
Andrew
----------------------------------------
> Date: Mon=2C 28 Dec 2009 17:41:19 +0100
> From: cryx-freebsd@h3q.com
> To: andrew.hotlab@hotmail.com
> CC: bsam@ipt.ru=3B freebsd-questions@k-moeller.dk=3B freebsd-jail@freebsd=
.org
> Subject: Re: ezjail.flavour
>
> Andrew Hotlab wrote:
>> I think ezjail urgently needs some updates in order not to remain behind=
the new
>> features in FreeBSD which can dramatically improve the jail system usage=
(vnet=2C
>> ZFS=2C multiple FIB support=2C etc). I'm not a shell script expert=2C bu=
t my everyday
>> work gives me the chance to have a pretty high-level view on what is nee=
ded. I'll be
>> glad to be contacted off-list by someone with some shell scripting skill=
s and a few
>> hours of spare time to spend with me on this very useful tool.
>
> The ezjail ports version is heavily outdated=2C the CVS version is much
> more up-to-date. The cvs version has support for jails in dedicated
> ZFS-datasets etc. Currently I'm working on support for "zfs jail" in
> ezjail as well as support for FIBs and cpusets.
>
> I commited your patch to the CVS.
>
> greetings=2C
> philipp
>
> PS: there is a dedicated ezjail mailinglist
> http://erdgeist.org/arts/software/ezjail/#Author
=20
_________________________________________________________________
Windows Live: Friends get your Flickr=2C Yelp=2C and Digg updates when they=
e-mail you.
http://www.microsoft.com/middleeast/windows/windowslive/see-it-in-action/so=
cial-network-basics.aspx?ocid=3DPID23461::T:WLMTAGL:ON:WL:en-xm:SI_SB_3:092=
010=
--_5f8d28c4-3e76-48c6-98b2-4ea0358f1aa9_
Content-Type: application/octet-stream
Content-Transfer-Encoding: base64
Content-Disposition: attachment; filename="ezjail-admin.patch"
LS0tIGV6amFpbC9lemphaWwtYWRtaW4JMjAwOS8xMi8yNyAxOToyMjo1MAkzOAorKysgZXpqYWls
L2V6amFpbC1hZG1pbgkyMDA5LzEyLzI4IDEyOjU1OjE2CTQwCkBAIC0yOSw2ICsyOSw3IEBACiBl
emphaWxfZGV2ZnNfcnVsZXNldD0ke2V6amFpbF9kZXZmc19ydWxlc2V0Oi0iZGV2ZnNydWxlc19q
YWlsIn0KIGV6amFpbF9wcm9jZnNfZW5hYmxlPSR7ZXpqYWlsX3Byb2Nmc19lbmFibGU6LSJZRVMi
fQogZXpqYWlsX2ZkZXNjZnNfZW5hYmxlPSR7ZXpqYWlsX2ZkZXNjZnNfZW5hYmxlOi0iWUVTIn0K
K2V6amFpbF9maWI9JHtlemphaWxfZmliOi0iMCJ9CiAKIGV6amFpbF9kaXJsaXN0PSJiaW4gYm9v
dCBsaWIgbGliZXhlYyByZXNjdWUgc2JpbiB1c3IvYmluIHVzci9nYW1lcyB1c3IvaW5jbHVkZSB1
c3IvbGliIHVzci9saWJkYXRhIHVzci9saWJleGVjIHVzci9zYmluIHVzci9zcmMgdXNyL3NoYXJl
IgogZXpqYWlsX2Jhc2VzeXN0ZW09ImJhc2UiCkBAIC0xNDUsNyArMTQ2LDcgQEAKICAgZXpqYWls
X25hbWU9JDEKIAogICAjIENsZWFuIHZhcmlhYmxlcywgcHJldmVudCBwb2x1dGlvbgotICB1bnNl
dCBlemphaWxfY29uZmlnIGV6amFpbF9ydW5uaW5nIGV6amFpbF9ob3N0bmFtZSBlemphaWxfcm9v
dGRpciBlemphaWxfaW1hZ2UgZXpqYWlsX2ltYWdldHlwZSBlemphaWxfaW1hZ2VkZXZpY2UgZXpq
YWlsX2RldmljZWxpbmsgZXpqYWlsX2lwIGV6amFpbF9pZCBlemphaWxfYXR0YWNoZWQgZXpqYWls
X2RldmljZSBlemphaWxfZGV2aWNlX2dlb20KKyAgdW5zZXQgZXpqYWlsX2NvbmZpZyBlemphaWxf
cnVubmluZyBlemphaWxfaG9zdG5hbWUgZXpqYWlsX3Jvb3RkaXIgZXpqYWlsX2ltYWdlIGV6amFp
bF9pbWFnZXR5cGUgZXpqYWlsX2ltYWdlZGV2aWNlIGV6amFpbF9kZXZpY2VsaW5rIGV6amFpbF9p
cCBlemphaWxfaWQgZXpqYWlsX2F0dGFjaGVkIGV6amFpbF9kZXZpY2UgZXpqYWlsX2RldmljZV9n
ZW9tIGV6amFpbF9maWIKIAogICBlemphaWxfc2FmZW5hbWU9YGVjaG8gLW4gIiR7ZXpqYWlsX25h
bWV9IiB8IHRyIC1jICdbOmFsbnVtOl0nIF9gCiAKQEAgLTE2MSw2ICsxNjIsNyBAQAogICBldmFs
IGV6amFpbF9ob3N0bmFtZT1cIlwkamFpbF8ke2V6amFpbF9zYWZlbmFtZX1faG9zdG5hbWVcIgog
ICBldmFsIGV6amFpbF9yb290ZGlyPVwiXCRqYWlsXyR7ZXpqYWlsX3NhZmVuYW1lfV9yb290ZGly
XCIKICAgZXZhbCBlemphaWxfaXA9XCJcJGphaWxfJHtlemphaWxfc2FmZW5hbWV9X2lwXCIKKyAg
ZXZhbCBlemphaWxfZmliPVwiXCRqYWlsXyR7ZXpqYWlsX3NhZmVuYW1lfV9maWJcIgogICBldmFs
IGV6amFpbF9pbWFnZT1cIlwkamFpbF8ke2V6amFpbF9zYWZlbmFtZX1faW1hZ2VcIgogICBldmFs
IGV6amFpbF9pbWFnZXR5cGU9XCJcJGphaWxfJHtlemphaWxfc2FmZW5hbWV9X2ltYWdldHlwZVwi
CiAgIGV2YWwgZXpqYWlsX2F0dGFjaHBhcmFtcz1cIlwkamFpbF8ke2V6amFpbF9zYWZlbmFtZX1f
YXR0YWNocGFyYW1zXCIKQEAgLTUzMiw2ICs1MzQsNyBAQAogICBlY2hvIGV4cG9ydCBqYWlsXyR7
ZXpqYWlsX3NhZmVuYW1lfV9kZXZmc19ydWxlc2V0PVwiZGV2ZnNydWxlc19qYWlsXCIKICAgZWNo
byBleHBvcnQgamFpbF8ke2V6amFpbF9zYWZlbmFtZX1fcHJvY2ZzX2VuYWJsZT1cIiR7ZXpqYWls
X3Byb2Nmc19lbmFibGV9XCIKICAgZWNobyBleHBvcnQgamFpbF8ke2V6amFpbF9zYWZlbmFtZX1f
ZmRlc2Nmc19lbmFibGU9XCIke2V6amFpbF9mZGVzY2ZzX2VuYWJsZX1cIgorICBlY2hvIGV4cG9y
dCBqYWlsXyR7ZXpqYWlsX3NhZmVuYW1lfV9maWI9XCIke2V6amFpbF9maWJ9XCIKICAgZWNobyBl
eHBvcnQgamFpbF8ke2V6amFpbF9zYWZlbmFtZX1faW1hZ2U9XCIke2V6amFpbF9pbWFnZX1cIgog
ICBlY2hvIGV4cG9ydCBqYWlsXyR7ZXpqYWlsX3NhZmVuYW1lfV9pbWFnZXR5cGU9XCIke2V6amFp
bF9pbWFnZXR5cGV9XCIKICAgZWNobyBleHBvcnQgamFpbF8ke2V6amFpbF9zYWZlbmFtZX1fYXR0
YWNocGFyYW1zPVwiJHtlemphaWxfYXR0YWNocGFyYW1zfVwiCkBAIC04MzgsNyArODQxLDcgQEAK
ICAgIyBUcnkgdG8gYXR0YWNoIHRvIGphaWwKICAgWyAiJHtlemphaWxfZXhlY3V0ZX0iIF0gJiYg
ZXhlYyBqZXhlYyAke2V6amFpbF9pZH0gJHtlemphaWxfZXhlY3V0ZX0KIAotICBleGVjIGpleGVj
ICR7ZXpqYWlsX2lkfSAke2V6amFpbF9kZWZhdWx0X2V4ZWN1dGV9CisgIGV4ZWMgc2V0ZmliICR7
ZXpqYWlsX2ZpYn0gamV4ZWMgJHtlemphaWxfaWR9ICR7ZXpqYWlsX2RlZmF1bHRfZXhlY3V0ZX0K
ICAgOzsKICMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyBlemphaWwtYWRtaW4gQVJDSElWRSAjIyMj
IyMjIyMjIyMjIyMjIyMjIyMjIyMKIGFyY2hpdmUpCkBAIC0xMDczLDYgKzEwNzYsNyBAQAogICAg
IGV2YWwgZXpqYWlsX25ld19kZXZmc19ydWxlc2V0PVwiXCRqYWlsXyR7ZXpqYWlsX3NhZmVuYW1l
fV9kZXZmc19ydWxlc2V0XCIKICAgICBldmFsIGV6amFpbF9uZXdfcHJvY2ZzX2VuYWJsZT1cIlwk
amFpbF8ke2V6amFpbF9zYWZlbmFtZX1fZGV2ZnNfZW5hYmxlXCIKICAgICBldmFsIGV6amFpbF9u
ZXdfZmRlc2Nmc19lbmFibGU9XCJcJGphaWxfJHtlemphaWxfc2FmZW5hbWV9X2ZkZXNjZnNfZW5h
YmxlXCIKKyAgICBldmFsIGV6amFpbF9uZXdfZmliPVwiXCRqYWlsXyR7ZXpqYWlsX3NhZmVuYW1l
fV9maWJcIgogICAgIGV2YWwgZXpqYWlsX25ld19hdHRhY2hwYXJhbXM9XCJcJGphaWxfJHtlemph
aWxfc2FmZW5hbWV9X2F0dGFjaHBhcmFtc1wiCiAgICAgZXZhbCBlemphaWxfbmV3X2F0dGFjaGJs
b2NraW5nPVwiXCRqYWlsXyR7ZXpqYWlsX3NhZmVuYW1lfV9hdHRhY2hibG9ja2luZ1wiCiAgICAg
ZXZhbCBlemphaWxfbmV3X2ZvcmNlYmxvY2tpbmc9XCJcJGphaWxfJHtlemphaWxfc2FmZW5hbWV9
X2ZvcmNlYmxvY2tpbmdcIgpAQCAtMTEzOCw2ICsxMTQyLDcgQEAKICAgICBlY2hvIGV4cG9ydCBq
YWlsXyR7ZXpqYWlsX25ld19zYWZlbmFtZX1fZGV2ZnNfcnVsZXNldD1cIiR7ZXpqYWlsX25ld19k
ZXZmc19ydWxlc2V0fVwiCiAgICAgZWNobyBleHBvcnQgamFpbF8ke2V6amFpbF9uZXdfc2FmZW5h
bWV9X3Byb2Nmc19lbmFibGU9XCIke2V6amFpbF9uZXdfcHJvY2ZzX2VuYWJsZX1cIgogICAgIGVj
aG8gZXhwb3J0IGphaWxfJHtlemphaWxfbmV3X3NhZmVuYW1lfV9mZGVzY2ZzX2VuYWJsZT1cIiR7
ZXpqYWlsX25ld19mZGVzY2ZzX2VuYWJsZX1cIgorICAgIGVjaG8gZXhwb3J0IGphaWxfJHtlemph
aWxfbmV3X3NhZmVuYW1lfV9maWI9XCIke2V6amFpbF9uZXdfZmlifVwiCiAgICAgZWNobyBleHBv
cnQgamFpbF8ke2V6amFpbF9uZXdfc2FmZW5hbWV9X2ltYWdlPVwiJHtlemphaWxfbmV3X2ltYWdl
fVwiCiAgICAgZWNobyBleHBvcnQgamFpbF8ke2V6amFpbF9uZXdfc2FmZW5hbWV9X2ltYWdldHlw
ZT1cIiR7ZXpqYWlsX25ld19pbWFnZXR5cGV9XCIKICAgICBlY2hvIGV4cG9ydCBqYWlsXyR7ZXpq
YWlsX25ld19zYWZlbmFtZX1fYXR0YWNocGFyYW1zPVwiJHtlemphaWxfbmV3X2F0dGFjaHBhcmFt
c31cIgoK
--_5f8d28c4-3e76-48c6-98b2-4ea0358f1aa9_
Content-Type: application/octet-stream
Content-Transfer-Encoding: base64
Content-Disposition: attachment; filename="ezjail.sh.patch"
LS0tIGV6amFpbC9lemphaWwuc2gJMjAwOS8xMi8yNyAxOToyMjo1MAkzOAorKysgZXpqYWlsL2V6
amFpbC5zaAkyMDA5LzEyLzI3IDIwOjQ1OjA4CTM5CkBAIC02MCw2ICs2MCw3IEBACiAgICAgLiAi
JHtlemphaWxfcHJlZml4fS9ldGMvZXpqYWlsLyR7ZXpqYWlsfSIKIAogICAgIGV2YWwgZXpqYWls
X3Jvb3RkaXI9XCJcJGphaWxfJHtlemphaWx9X3Jvb3RkaXJcIgorICAgIGV2YWwgZXpqYWlsX2Zp
Yj1cIlwkamFpbF8ke2V6amFpbH1fZmliXCIKICAgICBldmFsIGV6amFpbF9pbWFnZT1cIlwkamFp
bF8ke2V6amFpbH1faW1hZ2VcIgogICAgIGV2YWwgZXpqYWlsX2ltYWdldHlwZT1cIlwkamFpbF8k
e2V6amFpbH1faW1hZ2V0eXBlXCIKICAgICBldmFsIGV6amFpbF9hdHRhY2hwYXJhbXM9XCJcJGph
aWxfJHtlemphaWx9X2F0dGFjaHBhcmFtc1wiCkBAIC04Niw3ICs4Nyw3IEBACiAgIGRvbmUKIAog
ICAjIFBhc3MgY29udHJvbCB0byBqYWlsIHNjcmlwdCB3aGljaCBkb2VzIHRoZSBhY3R1YWwgd29y
awotICBbICIke2V6amFpbF9wYXNzfSIgXSAmJiBzaCAvZXRjL3JjLmQvamFpbCBvbmUke2FjdGlv
biVjcnlwdG99ICR7ZXpqYWlsX3Bhc3N9CisgIFsgIiR7ZXpqYWlsX3Bhc3N9IiBdICYmIHNldGZp
YiAke2V6amFpbF9maWJ9IHNoIC9ldGMvcmMuZC9qYWlsIG9uZSR7YWN0aW9uJWNyeXB0b30gJHtl
emphaWxfcGFzc30KIAogICAjIENhbiBvbmx5IGRldGFjaCBhZnRlciB1bm1vdW50aW5nIChmcm9t
IGZzdGFiLkpBSUxOQU1FIGluIC9ldGMvcmMuZC9qYWlsKQogICBhdHRhY2hfZGV0YWNoX3Bvc3QK
--_5f8d28c4-3e76-48c6-98b2-4ea0358f1aa9_--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?BLU138-W11EC95EED3D2C756215300F67A0>