On 05/06/07, Paul Fraser <[EMAIL PROTECTED]> wrote:
On 6/5/07, David N <[EMAIL PROTECTED]> wrote:
> To get isc-dhcpd in a jail you need to give the jail access to /dev/bpf0
> so you have to edit /etc/defaults/devfs.rules
> add to the end the unhide rules for bpf eg.
> add path bpf0 unhide
> add include $devfsrules_hide_all
> add include $devfsrules_unhide_basic
> add include $devfsrules_unhide_login
> add include $devfsrules_unhide_bpf
> then in your /etc/rc.conf add
> and restart the jail.
Thank you very much David, that's done the trick! I much prefer having
dhcpd sitting in a jail along with a few other network services.
np, for the life of me i couldn't get isc-dhcpd working in jails at
all without the bpf0. I tried all the jail patches and everything. Its
the only way i found it to work.
But it does mean that if the dhcpd gets compromised, they'll have
control of the bpf0, not really sure what it does though =)
I'm glad it worked out though
firstname.lastname@example.org mailing list
To unsubscribe, send any mail to "[EMAIL PROTECTED]"