Date: Sun, 18 Apr 2010 09:19:30 +0100 From: Matthew Seaman <m.seaman@infracaninophile.co.uk> To: Aiza <aiza21@comclark.com> Cc: kurt seel <kseel@governmentcostsolutions.com>, FreeBSD Questions <freebsd-questions@freebsd.org> Subject: Re: Ping from jail not permitted error Message-ID: <4BCAC092.9090701@infracaninophile.co.uk> In-Reply-To: <4BCA7D4A.6060309@comclark.com> References: <4BCA54DC.1000301@comclark.com> <4BCA61FC.5000308@governmentcostsolutions.com> <4BCA7D4A.6060309@comclark.com>
next in thread | previous in thread | raw e-mail | index | archive | help
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 18/04/2010 04:32:26, Aiza wrote: > kurt seel wrote: >> Aiza wrote: >>> My jail has public internet access because i can do pkg_add -r >>> unix2dos and the package does install. But when I enter ping -c 2 >>> freebsd.org I get message "ping: socket: Operation not permitted" >>> There is no firewall running in the jail. >>> >>> Any ideas would be helpful. >>> >>> Thanks >> >> ICMP is disallowed by defaut for jails, see the sysctl : >> security.jail.allow_raw_sockets >> There are good reasons for this default, so if you test remember to >> set it >> back when you are done. >> Also, on a point of style, jails in their current form (see VIMAGE) >> do not get a network stack of their own so they don't have a firewall but >> share the hosts' network and firewall, etc. >> >> > I don't have man vimage. Is this part of Freebsd? It's in 8.0 and above -- VIMAGE is a kernel configuration option. It's a work in progress. See: http://wiki.freebsd.org/Image/TODO?highlight=%28vnet%29 Cheers, Matthew - -- Dr Matthew J Seaman MA, D.Phil. 7 Priory Courtyard Flat 3 PGP: http://www.infracaninophile.co.uk/pgpkey Ramsgate Kent, CT11 9PW -----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2.0.14 (Darwin) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAkvKwJIACgkQ8Mjk52CukIwrcACfWy+4XpVb80yoeo393lNN5yMz mucAoIguWZRo8I89rWYkCDO25W3pOixf =FkzE -----END PGP SIGNATURE-----
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4BCAC092.9090701>