The following reply was made to PR kern/156268; it has been noted by GNATS.
From: Rudy <[email protected]> To: [email protected], [email protected] Cc: Subject: Re: kern/156268: jails don't use routing table Date: Fri, 08 Apr 2011 16:04:42 -0700 Looks like just ICMP has issues... TCP OK 16:00:26.303086 IP 2.2.2.200.51884 > 3.3.3.3.80: Flags [F.], seq 1176726875, ack 3364247674, win 8326, options [nop,nop, TS val 188728165 ecr 659781298], length 0 16:00:26.325530 IP 3.3.3.3.80 > 2.2.2.200.51884: Flags [F.], seq 1, ack 1, win 2896, options [nop,nop,TS val 659796605 e cr 188728165], length 0 ICMP NOT OK 16:00:32.824971 IP 1.1.1.1 > 3.3.3.3: ICMP echo request, id 47701, seq 0, length 64 16:00:33.825828 IP 1.1.1.1 > 3.3.3.3: ICMP echo request, id 47701, seq 1, length 64 UDP OK (there is not dns on target... just a bogus UDP packet to see if src IP was OK) 16:00:41.826238 IP 2.2.2.200.43454 > 3.3.3.3.53: 63527+ PTR? 5.5.5.10.in-addr.arpa. (39) 16:00:41.838730 IP 3.3.3.3 > 2.2.2.200: ICMP 3.3.3.3 udp port 53 unreachable, length 75 Of course, I have security.jail.allow_raw_sockets: 1 or else I wouldn't be able to do ICMP at all. Looks like the raw sockets ignores routing table. _______________________________________________ [email protected] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-bugs To unsubscribe, send any mail to "[email protected]"
