Skip site navigation (1)Skip section navigation (2)
Date:      Wed, 18 Nov 2009 11:48:36 +0700
From:      Michael Svobodin <>
Subject:   Re: jail - beginner questions
Message-ID:  <>
In-Reply-To: <>
References:  <> <> <>

Next in thread | Previous in thread | Raw E-Mail | Index | Archive | Help
On Tue, Nov 17, 2009 at 10:41:14PM +0430, Laszlo Nagy wrote:

> My computer is a windows machine, with address 192.168.0.X
> Then the FreeBSD host is actually a guest os running in wvmare. It has 
> address
> And finally, the vm1 jail should have
> I don't know why is not working for the jail. Anyway, if I 
> change the jail's address to then
> /etc/rc.d/jail start vm1
> Starting jails: vm1.localdomain.

The address must be assigned to a interface in the host FreeBSD.
You can do it before starting the jail, or when the jail is being started.

To assign the address before starting the jail do somthing like this:
# ifconfig lnc0 alias
where lnc0 is the name of nic in the host FreeBSD
And you can add to /etc/rc.conf:
to assign the address then the host FreeBSD is booting.

To assing the address when the jail is being started just add to /etc/rc.conf this:
This way is preferred.

> Now the next question: how can I access the hosted (jailed) OS? I know 
> it is a dumb question, but I have no idea. I would like to:
> a.) run sshd in the jail
> b.) login from the host to the jailed (hosted) OS
> c.) install programs on the jail, configure them and finally
> d.) use NATD to divert some pacakges from the host to the jail and back

1. get the jails list: 
# jls
  JID  IP Address      Hostname                      Path
     9   mx1.loc                       /store/jail/mx1
     8   nslst.loc                     /store/jail/nslst
2. select required jail by JID, for example 9 for mx1.loc and do:
# jexec 9 tcsh
3. you're in

a.) Login inside the jail. Now add to /etc/rc.conf sshd_enable="YES" and execute:
# /etc/rc.d/sshd start

c.) When you're inside the jail you can install software like in the host system. 
You can use the pkg_add or the ports system.

d.) It requires to use firewall either ipfw or pf. 
For example you can add to your /etc/pf.conf: 
nat on lnc0 from to any -> 

But the firewall requires more lines then this one to work correcly with all network traffic.
And you have to know exactly what you want to get for using it. 

> Probably this is what everybody does, so if you could point me to a 
> tutorial or something, I would appriciate it.
> Thanks,
>   Laszlo
> _______________________________________________
> mailing list
> To unsubscribe, send any mail to ""

Want to link to this message? Use this URL: <>