Date: Fri, 23 Mar 2007 13:49:12 +0100 From: Karol Kwiatkowski <karol.kwiat@gmail.com> To: Robin Becker <robin@reportlab.com> Cc: freebsd-questions@freebsd.org Subject: Re: ezjail ip conflicts Message-ID: <4603CCC8.3000702@gmail.com> In-Reply-To: <4603C8EF.1020104@chamonix.reportlab.co.uk> References: <4603C8EF.1020104@chamonix.reportlab.co.uk>
next in thread | previous in thread | raw e-mail | index | archive | help
This is an OpenPGP/MIME signed message (RFC 2440 and 3156) --------------enig76C1798DD8A29BA2D60566E7 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable Robin Becker wrote: > I'm getting these ip conflicts whilst trying to create a jail >=20 > ezjail-admin create ....xxx.xxx.xxx.27 >=20 > Warning: IP xxx.xxx.xxx.27 not configured on a local interface. > Warning: Some services already seem to be listening on all IP, > (including xxx.xxx.xxx.27) > This may cause some confusion, here they are: > mysql mysqld 505 10 tcp4 *:3306 *:* > root syslogd 291 6 udp4 *:514 *:* >=20 >=20 > my rc.conf has >=20 > ifconfig_fxp0=3D"inet xxx.xxx.xxx.26 netmask 255.255.255.248" > defaultrouter=3D"xxx.xxx.xxx.25" > inetd_flags=3D"-wW -a xxx.xxx.xxx.26" >=20 >=20 > so I believe the xxx.xxx.xxx.27 address is OK, but I guess I need to > make mysqld and syslogd listen only on xxx.xxx.xxx.26. I don't actually= > understand what's preventing sshd from listening on all the addresses i= n > range unless it's the inetd flags, but I thought sshd is started by ini= t > nowadays. If you're using sshd as a daemon have a look at "ListenAddress" directive in /etc/ssh/sshd_config. You can have multiple of those. > Anyhow I think I can fix the mysqld problem by having >=20 > mysql_args=3D"--bind-address=3Dxxx.xxx.xxx.26" >=20 > in the rc.conf, but I don't see any easy way to configure syslogd to > start with a -b xxx.xxx.xxx.26 How about adding 'syslogd_flags' in /etc/rc.conf? Those are the defaults:= # grep syslogd /etc/defaults/rc.conf syslogd_enable=3D"YES" # Run syslog daemon (or NO). syslogd_program=3D"/usr/sbin/syslogd" # path to syslogd syslogd_flags=3D"-s" # Flags to syslogd (if enabled). Also, if you don't need it to bind at all it's better to use '-ss'. > how do I fix this or perhaps I don't need to? You could filter traffic at firewall but it's always better to have a simpler setup. HTH, Karol --=20 Karol Kwiatkowski <karol.kwiat at gmail dot com> OpenPGP 0x06E09309 --------------enig76C1798DD8A29BA2D60566E7 Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.7 (FreeBSD) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFGA8zPezeoPAwGIYsRCBIJAKCJGv+2ryML5bB3/hAHH+7j8L/B6ACgjJf3 tJi1AJLV9I5n4tDGey+l0R8= =TsCw -----END PGP SIGNATURE----- --------------enig76C1798DD8A29BA2D60566E7--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4603CCC8.3000702>