From owner-freebsd-jail@FreeBSD.ORG Wed Jun 11 00:28:48 2014 Return-Path: Delivered-To: freebsd-jail@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id A187BE82 for ; Wed, 11 Jun 2014 00:28:48 +0000 (UTC) Received: from mx1.scaleengine.net (beauharnois2.bhs1.scaleengine.net [142.4.218.15]) by mx1.freebsd.org (Postfix) with ESMTP id 625AA23DB for ; Wed, 11 Jun 2014 00:28:47 +0000 (UTC) Received: from [10.1.1.2] (S01060001abad1dea.hm.shawcable.net [50.70.146.73]) (Authenticated sender: allanjude.freebsd@scaleengine.com) by mx1.scaleengine.net (Postfix) with ESMTPSA id 145BC85AF5 for ; Wed, 11 Jun 2014 00:28:47 +0000 (UTC) Message-ID: <5397A2C3.1090109@freebsd.org> Date: Tue, 10 Jun 2014 20:28:51 -0400 From: Allan Jude User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:24.0) Gecko/20100101 Thunderbird/24.5.0 MIME-Version: 1.0 To: freebsd-jail@freebsd.org Subject: Re: Assign Lookback address 127.0.0.1 to jail References: <53979DA8.60002@sky-ip.org> <5397A0D9.403@freebsd.org> <5397A16E.8080504@sky-ip.org> In-Reply-To: <5397A16E.8080504@sky-ip.org> X-Enigmail-Version: 1.6 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="0NibSQHfFMdJob5WP0EHfXpwP7mXahol4" X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 11 Jun 2014 00:28:48 -0000 This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --0NibSQHfFMdJob5WP0EHfXpwP7mXahol4 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable On 2014-06-10 20:23, s7r@sky-ip.org wrote: > On 6/11/2014 3:20 AM, Allan Jude wrote: >> On 2014-06-10 20:07, s7r@sky-ip.org wrote: >>> Hi, >>> >>> Operating system is FreeBSD 10.0 64 Bit >>> >>> I have installed ezjail from ports and properly configured a jail >>> with its own static and dedicated IP address. Everything works >>> good, it's just that I have an application which requires to talk >>> to another one via RPC on IP 127.0.0.1, and I have noticed the >>> jail does not have a lo0 interface or localhost 127.0.0.1 IP >>> address. >>> >>> This is bad because the application has no choice but to bind to >>> the public IP address assigned to the jail, and it's not safe. >>> >>> How can I add a lo0 interface with IP 127.0.0.1 to a jail? >>> >>> Thanks in advance.=20 >>> _______________________________________________=20 >>> freebsd-jail@freebsd.org mailing list=20 >>> http://lists.freebsd.org/mailman/listinfo/freebsd-jail To >>> unsubscribe, send any mail to >>> "freebsd-jail-unsubscribe@freebsd.org" >>> >=20 >> Does it have to be 127.0.0.1? You can add an alias like 127.0.0.2 >> to the lo0 interface and use that. >=20 >> Inside the jail, 127.0.0.1 is mapped to the IP of the jail. >=20 >> Using ezjail, you can also allocate more than 1 IP address to a >> jail by comma separating them >=20 >> You can also make it automatically alias the IPs for you with the >> syntax: >=20 >> em0|192.168.0.10,lo0|127.0.0.2 etc >=20 >=20 >=20 > Thank you Allan for your fast reply. >=20 > I have the jail already created via: > # ezjail-admin create >=20 > How do I modify the already existing jail to have 127.0.0.2, for > example, or can't I just have 127.0.0.1 in the jail? >=20 > _______________________________________________ > freebsd-jail@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-jail > To unsubscribe, send any mail to "freebsd-jail-unsubscribe@freebsd.org"= >=20 Stop the jail, and then edit /usr/local/etc/ezjail/jail_name and change the line that defines the IPs --=20 Allan Jude --0NibSQHfFMdJob5WP0EHfXpwP7mXahol4 Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.22 (MingW32) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iQIcBAEBAgAGBQJTl6LDAAoJEJrBFpNRJZKfJRIP/2NCXclD5N0aLE+Ek0usQoj5 Zfc7yxP+Flzd9IyQqto51WcBfuowU5QcRgRnq7sXRZC4lNdFJtOKzgJbJ+JxwjSO pebt784HANCgR9hEekWJk81VSiaRIT9Zt5OZbzyfP7I6GrWReBt2V/KcC2jy9N+S EE8G69rCnwgz19E12Up95DLcMSXrJcxG097n5Vs2EwvmrdwuAJpGLQkXktosA+0O oioQbrHpiMw4fG1FfbgyXfNraKad8Ru3hRRPxDDFfhE6u9dMUjRba257vH2/utHu jfJKS4Bn37qaQJq189sX08mzPD4j8lTL51rI0Ss38ht9/X/SX5pRInZkmJREKbwB zVbexZIQnSqxM38g/LJdOdD6UsEFJA+U3WF10Y/43s5MKGLnjPR8dmDKKuNuXT+0 ulHOC5o9+NOAtd4xnaE8fLc/Q6A8SYt9XMHi5E/NfcHpehwedn9hV1ZEJOQ/dKuC U3CSQYNXfj4hH5MMWNtgWz8dH1wY60FU2CxWOMNhyPLpcSho0AOdTKCTT/n63KKd 8BOr4AB+EXneipcJRwMCTtUeugbH7b5q9ensOLQs1oxdbuZgHSHdLs0vA8KSRSaH gXsaBoeuU8JkgJnwIURBOiZ57SnIH5vjXzLRT9iX7u3xH5k+lOK3rSb1dcaxuLF3 YIFtHh/D7S2SdWT5Gp/3 =VA9N -----END PGP SIGNATURE----- --0NibSQHfFMdJob5WP0EHfXpwP7mXahol4--