Joerg Surmann wrote on 2018/03/23 13:49:
Hi all,
I have a Problem to understund how to manage 2 Networks inside a Jail.
i have create a jail (using ezjail) with a alias IP.
in rc.conf (on Host):
ifconfig_vmx0="inet 192.168.100.1 netmask 255.255.255.0"
ifconfig_vmx0_alias0="inet 192.168.100.2 netmask 255.255.255.0" <- this
is the jail ip
Inside the jail running apachhe24.
Now i add a new NIC to the System.
in rc.conf (on Host):
ifconfig_em0="inet 213.70.80.92 netmask 255.255.255.0"
in /usr/local/etc/ezjail/myjail.conf:
i add the new ip
export jail_myjail_ip="192.168.100.2,213.70.80.92"
Restart the jail and ifconfig looks fine.
vmx0 -> inet 192.168.100.2
em0 -> inet 213.70.80.92
Apache Listen on all NIC's (<VirtualHost *:80>)
But i can see my Website only via 192.168.100.2 from intern Network.
The Host is behind a Firewall.
The IP 213.70.80.92 is enabled for incomming Traffic.
When i give the Hostname in a Browser i become "connection Timeout".
What is to do that the Host is accessable from Inet?
Are you sure Apache is listening on both IPs?
What netstat says?
# netstat -an | egrep 'tcp4.*80 .*LISTEN'
Also check what you have in httpd.conf for Listen directive
# grep -i Listen /usr/local/etc/apache24/httpd.conf
I am not using ezjail, I am using jail.conf
costa {
host.hostname = "costa.example.com";
ip4.addr = AA.BB.CCC.DDD;
ip4.addr += 192.168.222.57;
}
Real IP was replaced with AA.BB.CCC.DDD
And it works. Services inside jail must be listening on both IPs or
wildcard * (0.0.0.0)
And be sure to disable hosts services to listen on IPs and ports you
want to be served from jail.
Miroslav Lachman
_______________________________________________
freebsd-current@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-current
To unsubscribe, send any mail to "freebsd-current-unsubscr...@freebsd.org"