Hi all, Running 7.0-RELEASE-p2, I set up a jail from which to perform NMAP and Nessus scans. I set the sysctl security.jail.allow_raw_sockets=1, which I expected to prevent any problems. Unfortunately, I'm getting this whenever I try to NMAP:
$ sudo nmap -P0 localhost Starting Nmap 4.76 ( http://nmap.org ) at 2008-10-14 16:56 CDT WARNING: Unable to find appropriate interface for system route to xxx.xx.xx.xx WARNING: Unable to find appropriate interface for system route to 127.0.0.1 nexthost: failed to determine route to 127.0.0.1 QUITTING! Nessus scans fail shortly after being started if port scanning is enabled. If port scanning is disabled, the vulnerability scan succeeds. Identical configurations outside of a jail work just fine, which lead me to believe that the Nessus and NMAP issues are related to the processes being jailed. $ sysctl -a | grep jail security.jail.jailed: 1 security.jail.mount_allowed: 0 security.jail.chflags_allowed: 1 security.jail.allow_raw_sockets: 1 security.jail.enforce_statfs: 2 security.jail.sysvipc_allowed: 0 security.jail.socket_unixiproute_only: 1 security.jail.set_hostname_allowed: 1 Anyone have any hope for me? Erik _______________________________________________ email@example.com mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"