From owner-freebsd-jail@FreeBSD.ORG Wed Jun 11 00:20:48 2014 Return-Path: Delivered-To: freebsd-jail@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id A32CADCC for ; Wed, 11 Jun 2014 00:20:48 +0000 (UTC) Received: from mx1.scaleengine.net (beauharnois2.bhs1.scaleengine.net [142.4.218.15]) by mx1.freebsd.org (Postfix) with ESMTP id 7D587232C for ; Wed, 11 Jun 2014 00:20:47 +0000 (UTC) Received: from [10.1.1.2] (S01060001abad1dea.hm.shawcable.net [50.70.146.73]) (Authenticated sender: allanjude.freebsd@scaleengine.com) by mx1.scaleengine.net (Postfix) with ESMTPSA id DA4A785AC7 for ; Wed, 11 Jun 2014 00:20:39 +0000 (UTC) Message-ID: <5397A0D9.403@freebsd.org> Date: Tue, 10 Jun 2014 20:20:41 -0400 From: Allan Jude User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:24.0) Gecko/20100101 Thunderbird/24.5.0 MIME-Version: 1.0 To: freebsd-jail@freebsd.org Subject: Re: Assign Lookback address 127.0.0.1 to jail References: <53979DA8.60002@sky-ip.org> In-Reply-To: <53979DA8.60002@sky-ip.org> X-Enigmail-Version: 1.6 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="BVhMS0lKlQaVC6l70AshcOpJpA23aPXNM" X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 11 Jun 2014 00:20:48 -0000 This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --BVhMS0lKlQaVC6l70AshcOpJpA23aPXNM Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable On 2014-06-10 20:07, s7r@sky-ip.org wrote: > Hi, >=20 > Operating system is FreeBSD 10.0 64 Bit >=20 > I have installed ezjail from ports and properly configured a jail with > its own static and dedicated IP address. Everything works good, it's > just that I have an application which requires to talk to another one > via RPC on IP 127.0.0.1, and I have noticed the jail does not have a > lo0 interface or localhost 127.0.0.1 IP address. >=20 > This is bad because the application has no choice but to bind to the > public IP address assigned to the jail, and it's not safe. >=20 > How can I add a lo0 interface with IP 127.0.0.1 to a jail? >=20 > Thanks in advance. > _______________________________________________ > freebsd-jail@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-jail > To unsubscribe, send any mail to "freebsd-jail-unsubscribe@freebsd.org"= >=20 Does it have to be 127.0.0.1? You can add an alias like 127.0.0.2 to the lo0 interface and use that. Inside the jail, 127.0.0.1 is mapped to the IP of the jail. Using ezjail, you can also allocate more than 1 IP address to a jail by comma separating them You can also make it automatically alias the IPs for you with the syntax:= em0|192.168.0.10,lo0|127.0.0.2 etc --=20 Allan Jude --BVhMS0lKlQaVC6l70AshcOpJpA23aPXNM Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.22 (MingW32) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iQIcBAEBAgAGBQJTl6DbAAoJEJrBFpNRJZKfDGoP/3s7PBq7QHA1o/4hn2Mx/vZq sbqRlXIeQVCkTgpw8tt5WayfdmgX+8UNU+KUiUt7qG9X21cFvvjUFm0EJmtvkBxG ipsZKac8wwoXWBIS6lMB9cLfGxkrek2Nr3GJ0/w4g83E538ZQXn05n7upYWXdKeN 2lgC1RHrK4W2SEvqa958UFDerl7plU8YxTgvzSa5xvz1dGKS484XY+nkZOIAldjX SkAYUgsYWSP6JabrlM99BGKDdybKsFNfor7QN3zNsYxNn6rywIPJPgDctCmCEn4s bJPVX/evri66n3KJoM6vx73W6VaFe5JvJmnf90Pvkw5UQjL74dXplHpcOtbqforC KhLB5g7qN0zENc168qpN37MQCmq3aYjuLZqjvjTOXRLc1Gc18GaR9DKKAab6D5Oh 62msKCPGQ8coBrO+mRi2gsCk5y7+VTG+uztvwG4z9nQMFXgykKXv9/98RX3Ta/hm ULM+ClOpn/evl0xJBJbQxiTR04Fn6evvnliwTgLSLsDqmdh+YtDSPN5J9LYYf0YL TLz+8+IluJrB4BJHcD1gDfgG0EQ5M8GaiZjfoux/+GCk8tot+7xOEt1rQsA9O4HW V3VB5oi2UjJcu+bPSDBLa5X6TFxHg5eHf9DUeJ6iqBO6nnY1QDH4Wb+Mk/RHZVTi R8md13GMFcxfJDqBtAb8 =um75 -----END PGP SIGNATURE----- --BVhMS0lKlQaVC6l70AshcOpJpA23aPXNM--