On Thu, 27 Nov 2008, Frank Behrens wrote: Hi,
On the other side I still read in the patched jail(2) man page: "Similarly, it might be a good idea to add an address alias flag such that daemons listening on all IPs (INADDR_ANY) will not bind on that address...". Can you explain the current behaviour?
I think this question is related to your PR kern/84215. The current situation is: jails take precendence. So if sshd is listening on inaddr_any on the host and on inaddr_any inside a jail the connection to an IP belonging to a jail will end up inside the jail; any connections to IPs not beloning to jails will end up on the base. Obviously if you stop the jail and ssh to a former jail IP you'll end up on the bsae system and ssh would complain about different keys possibly while telnet or similar things won't notice. /bz -- Bjoern A. Zeeb Stop bit received. Insert coin for new game. _______________________________________________ [email protected] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-jail To unsubscribe, send any mail to "[EMAIL PROTECTED]"
