Date: Tue, 17 Feb 2004 12:49:51 +0000 From: John <lists@itconsultuk.net> To: freebsd-questions@freebsd.org Subject: jailed "system" needs ipv4 access Message-ID: <20040217124951.GA43293@itconsultuk.net>
next in thread | raw e-mail | index | archive | help
Hello I made a jail for a domain I host, according to the man page for jail. It runs great and I can ssh and telnet on port 25 into it from the host. What I would like the root user to be able to do inside the jail is to ssh to other boxes and use the ports collection. I have set the following sysctls: jail.set_hostname_allowed=0 jail.socket_unixiproute_only=0 (the man page says: cesses within jails may only access protocols in the following domains: PF_LOCAL, PF_INET, and PF_ROUTE, permitting them access to UNIX domain sockets, IPv4 addresses, and routing sockets. To enable access to other domains, this MIB variable may be set to 0.) I wanted it to access as much as possible ipv4-wise from inside the jail. I have set the 2nd MIB to 0 for this reason, but to no avail. Is it possible for ssh and ftp to work from inside? I want root to install ports from within. cheers --
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20040217124951.GA43293>