From owner-freebsd-questions@FreeBSD.ORG Tue Jun 5 05:00:36 2007 Return-Path: X-Original-To: freebsd-questions@freebsd.org Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 3B18716A41F for ; Tue, 5 Jun 2007 05:00:36 +0000 (UTC) (envelope-from pfraser@gmail.com) Received: from ug-out-1314.google.com (ug-out-1314.google.com [66.249.92.174]) by mx1.freebsd.org (Postfix) with ESMTP id C6F7B13C468 for ; Tue, 5 Jun 2007 05:00:35 +0000 (UTC) (envelope-from pfraser@gmail.com) Received: by ug-out-1314.google.com with SMTP id u2so71426uge for ; Mon, 04 Jun 2007 22:00:34 -0700 (PDT) DKIM-Signature: a=rsa-sha1; c=relaxed/relaxed; d=gmail.com; s=beta; h=domainkey-signature:received:received:message-id:date:from:to:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=HyRMEEHq/YW99nMIjbUKLbq4BfNvrLvblyBijr3ooaFOv0a9TAD3wjTHttBHhgrNaoicXGH4kt2d6Gq0T/ez0YrQB/e2fEQRoyaDb3rpIgcpaYDkXzAHosst9Yi8uS/cgeI31A6dwbvVu1TJEsk+PBoFNjg8VGtsoN3WllCSD+Y= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=beta; h=received:message-id:date:from:to:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=qlZpy2iSErAMNBh8nrS4Lxbg1X9APP0D8nHKGO2xPch1HY1taBBSJIyUl/ahOA/95anDu09TfrcYvxvkZKK86Zu09lQOre11IyzEyoTT/QFmOmpmX0y/kdZyfZT38L7oOznV3q4/ASiOJPw5IymjW9haLjlEHmF3qGI1DipoBc8= Received: by 10.82.126.5 with SMTP id y5mr7931185buc.1181019634569; Mon, 04 Jun 2007 22:00:34 -0700 (PDT) Received: by 10.82.191.11 with HTTP; Mon, 4 Jun 2007 22:00:34 -0700 (PDT) Message-ID: Date: Tue, 5 Jun 2007 15:00:34 +1000 From: "Paul Fraser" To: "David N" , "FreeBSD-Questions Mailing List" In-Reply-To: <4d7dd86f0706041940w21dfb3f9xaf19d629a75ad023@mail.gmail.com> MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit Content-Disposition: inline References: <20070604113945.GA15154@schottelius.org> <4d7dd86f0706041940w21dfb3f9xaf19d629a75ad023@mail.gmail.com> Cc: Subject: Re: isc-dhcp3-server in a jail? X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 05 Jun 2007 05:00:36 -0000 On 6/5/07, David N wrote: > To get isc-dhcpd in a jail you need to give the jail access to /dev/bpf0 > > so you have to edit /etc/defaults/devfs.rules > add to the end the unhide rules for bpf eg. > [devfsrules_unhide_bpf=5] > add path bpf0 unhide > > [devfsrules_dhcp_jail=6] > add include $devfsrules_hide_all > add include $devfsrules_unhide_basic > add include $devfsrules_unhide_login > add include $devfsrules_unhide_bpf > > then in your /etc/rc.conf add > jail__defs_ruleset="devfsrules_dhcp_jail" > > and restart the jail. Thank you very much David, that's done the trick! I much prefer having dhcpd sitting in a jail along with a few other network services. Cheers, P. -- Regards, Paul Fraser http://furyc0de.net/