From owner-freebsd-hackers@FreeBSD.ORG Wed Nov 12 10:01:27 2003 Return-Path: Delivered-To: freebsd-hackers@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 6AEB416A4CE for ; Wed, 12 Nov 2003 10:01:27 -0800 (PST) Received: from webclan.com (webclan.com [216.149.213.2]) by mx1.FreeBSD.org (Postfix) with SMTP id 3F85943FD7 for ; Wed, 12 Nov 2003 10:01:24 -0800 (PST) (envelope-from freebsd@msquaredweb.net) Received: (qmail 51644 invoked by uid 1006); 12 Nov 2003 18:09:04 -0000 Received: from unknown (HELO mk2pzfb2xon2q5) (24.54.225.150) by msquaredweb.net with SMTP; 12 Nov 2003 18:09:04 -0000 From: "FB" To: Date: Wed, 12 Nov 2003 10:01:23 -0800 MIME-Version: 1.0 Content-Type: text/plain; charset="Windows-1252" Content-Transfer-Encoding: 7bit X-Mailer: Microsoft Office Outlook, Build 11.0.5510 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1165 Thread-Index: AcOpRvtrWS3Mz9XgQ7WHvIsOcb2nAQ== Message-Id: <20031112180124.3F85943FD7@mx1.FreeBSD.org> Subject: Multiple IPs in Jail X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 12 Nov 2003 18:01:27 -0000 Hey all - We patched mijail5 (http://garage.freebsd.pl/mijail.README) against RELENG_5_1. Most of the patch was successful with a little fuzz, except for a couple lines in jls which didn't patch due to cosmetic changes (easily fixed). Before the patch was applied, the jail environment had no problem with dns. After the patch was applied however (and userland rebuilt both on host and jail), dns breaks in the jail environment. Basically, gethostbyname fails and h_errno is set to 2 - Host name lookup failure. the system is configured properly, since the only changes are to the kernel and the modified jail mechanism. Also interesting is that the failure is immediate, there is no timeout. However, inbound/outbound TCP traffic is not effected. - we are able to ssh in/out of the jailed environment. I was testing outbound UDP traffic however - simple matter of binding a socket to send a packet to a remote host. Outside the jail, it worked fine. inside the jail, sendto failed with a EINVAL error. Any help on this topic would be much appreciated. -Mike PS: I apologize for the cross-post to the freebsd-hackers and freebsd-questions lists... Need to get this box up ASAP and this is a major setback. --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.537 / Virus Database: 332 - Release Date: 11/6/2003