Date: Tue, 16 Aug 2016 22:45:39 +0200 From: Bertram Scharpf <lists@bertram-scharpf.de> To: freebsd-questions@freebsd.org Subject: Re: Cannot ping6 inside jail Message-ID: <20160816204539.GA467@becker.bs.l> In-Reply-To: <57B36DDB.9050506@gmail.com> References: <20160816191547.GA87631@becker.bs.l> <57B36DDB.9050506@gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tuesday, 16. Aug 2016, 15:47:39 -0400, Ernie Luzar wrote:
> Bertram Scharpf wrote:
> >
> > Inside a jail:
> >
> > # ping6 ::1
> > ping6: socket: Protocol not supported
> >
> > When I ask "ifconfig", there are no IPv6 adresses.
> >
> > What did I miss?
>
> If your talking about issuing the ping command from within a non-vimage
> jail then its denied by design as a security risk. You have to enable
> allow.raw.sockets to get ping command to work.
I _had_ set "allow.raw_sockets = 1;" in "jail.conf".
I say
# sysctl security.jail.allow_raw_sockets=1
# service jail restart myjail
but still I see
# ping6 ::1
ping6: socket: Protocol not supported
and
# ifconfig | grep inet6 | wc -l
0
and
# telnet ::1 80
Trying ::1...
telnet: socket: Protocol not supported
Bertram
--
Bertram Scharpf
Stuttgart, Deutschland/Germany
http://www.bertram-scharpf.de
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20160816204539.GA467>