Robin Becker wrote: > I'm getting these ip conflicts whilst trying to create a jail > > ezjail-admin create ....xxx.xxx.xxx.27 > > Warning: IP xxx.xxx.xxx.27 not configured on a local interface. > Warning: Some services already seem to be listening on all IP, > (including xxx.xxx.xxx.27) > This may cause some confusion, here they are: > mysql mysqld 505 10 tcp4 *:3306 *:* > root syslogd 291 6 udp4 *:514 *:* > > > my rc.conf has > > ifconfig_fxp0="inet xxx.xxx.xxx.26 netmask 255.255.255.248" > defaultrouter="xxx.xxx.xxx.25" > inetd_flags="-wW -a xxx.xxx.xxx.26" > > > so I believe the xxx.xxx.xxx.27 address is OK, but I guess I need to > make mysqld and syslogd listen only on xxx.xxx.xxx.26. I don't actually > understand what's preventing sshd from listening on all the addresses in > range unless it's the inetd flags, but I thought sshd is started by init > nowadays.
If you're using sshd as a daemon have a look at "ListenAddress" directive in /etc/ssh/sshd_config. You can have multiple of those. > Anyhow I think I can fix the mysqld problem by having > > mysql_args="--bind-address=xxx.xxx.xxx.26" > > in the rc.conf, but I don't see any easy way to configure syslogd to > start with a -b xxx.xxx.xxx.26 How about adding 'syslogd_flags' in /etc/rc.conf? Those are the defaults: # grep syslogd /etc/defaults/rc.conf syslogd_enable="YES" # Run syslog daemon (or NO). syslogd_program="/usr/sbin/syslogd" # path to syslogd syslogd_flags="-s" # Flags to syslogd (if enabled). Also, if you don't need it to bind at all it's better to use '-ss'. > how do I fix this or perhaps I don't need to? You could filter traffic at firewall but it's always better to have a simpler setup. HTH, Karol -- Karol Kwiatkowski <karol.kwiat at gmail dot com> OpenPGP 0x06E09309
signature.asc
Description: OpenPGP digital signature