Skip site navigation (1)Skip section navigation (2)
Date:      Mon, 8 May 2006 16:01:41 +0200
From:      "No@SPAM@mgEDV.net" <nospam@mgedv.net>
To:        <freebsd-security@FreeBSD.ORG>
Subject:   RE: Jails and loopback interfaces
Message-ID:  <000001c672a7$eedf8a10$01010101@avalon.lan>
In-Reply-To: <200605081210.k48CAtMj094360@lurza.secnetix.de>

Next in thread | Previous in thread | Raw E-Mail | Index | Archive | Help
 
well, i got your ideas, btw, could someone please clarify this for me:

i configured a separate interface for the jailed dns-server:

ifconfig lo5 plumb
ifconfig lo5 10.10.5.1 netmask 255.255.255.0 up

the nameserver listenes on 10.10.5.1#55053 (everything's fine there).

although the dns-server is bound to the specific ip-address, which
again is bound to a separate interface, i do not see just one packet
with tcpdump on this interface. even the loopback interface lo0 does
not show anything.

instead, the packets are generated from my lan-interface myk0, which
has a route to the forwarder.

why are the packets generated on an interface, that the server is not
bound to and there is no redirect for?





Want to link to this message? Use this URL: <http://docs.FreeBSD.org/cgi/mid.cgi?000001c672a7$eedf8a10$01010101>