Date: Sun, 13 Dec 2015 05:45:01 +0000 From: marcel <marcel.plouf@gmail.com> To: "Michael B. Eichorn" <ike@michaeleichorn.com>, Dirk Engling <erdgeist@erdgeist.org>, freebsd-jail@freebsd.org Subject: Re: Configuring network without ezjail Message-ID: <566D05DD.9080201@gmail.com> In-Reply-To: <1449889151.23602.24.camel@michaeleichorn.com> References: <566B67F7.1090404@gmail.com> <566B5CB6.8050009@erdgeist.org> <566B7D7E.2070507@gmail.com> <566B8183.3080306@gmail.com> <1449888253.23602.14.camel@michaeleichorn.com> <1449889151.23602.24.camel@michaeleichorn.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On 12/12/2015 02:59, Michael B. Eichorn wrote:
> On Fri, 2015-12-11 at 21:44 -0500, Michael B. Eichorn wrote:
>> On Sat, 2015-12-12 at 02:08 +0000, marcel wrote:
>>> ... and I think I have enabling gateway, I wrote thins in both of
>>> my
>>> rc.conf (jail and host):
>>>
>>> gateway_enable="YES"
>>>
>>> Is it correct ?
>> You only need gateway_enable if you are doing routing, it is not
>> necessary for a typical jail setup. Most of the time you are just
>> adding an alias to the host's nic.
OK so if I want to my jail can access to internet I have to do routing,
right ?
>>> But I don't think I have DNS problems, my host correctly access to
>>> the
>>> internet and the resolv.conf of my jail and my host are same...
>>>
>>> On 12/12/2015 01:50, marcel wrote:
>>>> No I don't get to have an IP address... Yet I have writed this in
>>>> my
>>>> host's rc.conf:
>>>>
>>>> jail_enable="YES"
>>>> jail_list="thename"
>>>> jail_guantanamo_rootdir="thepath"
>>>> jail_guantanamo_hostname="thename"
>>>> jail_guantanamo_ip="192.168.0.12"
>>>>
>>>> and I use the command:
>>>>
>>>> jail thepath thename 192.168.0.12 /bin/csh
>>>>
>>>> to connect to my jail...
>>>>
>>>> On 11/12/2015 23:31, Dirk Engling wrote:
>>>>> On 12.12.15 01:19, marcel wrote:
>>>>>
>>>>>> I would like to know if it is possible to configure a jail's
>>>>>> network for
>>>>>> accessing to the World Wide Web but without ezjail ?
>>>>>> I have created my jail without ezjail (mkdir jail, make
>>>>>> installworld,
>>>>>> etc...) and I would like to continue without it if it's
>>>>>> possible...
>>>>> Sure, why doesn't it connect to the net? Does it have a RFC1918
>>>>> IP? If
>>>>> so, you need to enable NAT. If not, did you enable gatewaying?
>>>>> Maybe you
>>>>> just have DNS problems, so is your resolv.conf set up properly?
>>>>>
>>>>> Without knowing what exactly is not working, I can not help
>>>>> you.
>>>>>
>>>>> erdgeist
>> I think you found some old instructions, assuming a 10.x system here
>> is
>> the boilerplate for a typical jail:
>>
>> rc.conf:
>>
>> jail_enable="YES"
>>
>> jail.conf:
>>
>> interface = re0;
>> mount.devfs;
>> exec.start = "/bin/sh /etc/rc";
>> exec.stop = "/bin/sh /etc/rc.shutdown";
>>
>> thenameofthejail {
>> host.hostname = host.domain.tld;
>> path = /the/path/to/the/jail
>> ip4.addr = 192.168.0.12;
>> }
>>
>> and start it up with
>>
>> # jail -c thenameofthejail
>>
>> And another handy tip you can avoid building a jail with make by
>> extacting the base.txz file found in places like the install media
>> into
>> the jail directory
OK, so my jail.conf look like your jail.conf and when I type jls my jail
have the IP 192.168.0.12 but when I type ifconfig in my jail I have no ip...
> Oh and before I forget, the trickiest thing for me moving from ezjail
> to jail was updating. Assuming your jails are complete base systems and
> that you would like to use binary updates with freebsd-update, and you
> have completely sparated jails without any funny tricks to save space,
> here is Ike's simple jail update guide:
>
> edit the jail's freebsd-update.conf and change
>
> Components src world kernel
> -to-
> Components world
>
> then run freebsd-update like so:
>
> # freebsd-update -b /usr/jails/jaildir \
> -f usr/jails/jaildir/etc/freebsd-update.conf \
> -d /usr/jails/jaildir/var/db/freebsd-update fetch
> # freebsd-update -b /usr/jails/jaildir \
> -f /usr/jails/jaildir/etc/freebsd-update.conf \
> -d /usr/jails/jaildir/var/db/freebsd-update install
>
> Using the -f flag keeps the jail from using the host config since jails
> cannot update kernels anyway. And -d keeps jails and hosts from
> trampling each other which is nice if you want to do more than one at a
> time, or if you use freebsd-update cron.
Thanks for tip !
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?566D05DD.9080201>