2010/3/22 Ruben de Groot <mai...@bzerk.org> > > > > > My host 8.0 system is the gateway to the public internet. > > I have ipfilter running blocking all inbound request for service. > > I only allow out bound request from the LAN behind the gateway and use > > keep state to allow the packet conversation to continue. All this has > > worked fine for years across many releases of Freebsd. > > > > Now comes playing with jails. I created 3 jails, www, ftp, telnet and > > used ip address of 10.0.20.20, 10.0.20.30, 10.0.20.40. The goal is to > > target those jails from other PC on the private LAN who are using ip > > address in the 10.0.10.2 through 10.0.10.8 range. > > > > I used ezjail-admin onestart and all the jails start. Then did > > ezjail-admin console ftp.local.com and got logged into that jail. Edited > > /etc/inetd.conf and uncommented the ftp line. Edited /etc/rc.conf adding > > inetd_enable="YES" exited the ftp jail. Did ezjail-admin onestop > > followed by ezjail-admin onestart to cycle the ftp jail to activate the > > ftp function. ezjail-admin console ftp.local.com to get logged into that > > jail again. From within the jail did ping -c 2 10.0.10.6 which is a pc > > on the lan gives me no sockets mesg. And ftp from 10.0.10.6 to > > 10.0.20.30 the ftp jail gives me no connection error. > > > > What is the problem here? > > > How are we supposed to know? > > Ruben > > _______________________________________________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to " > freebsd-questions-unsubscr...@freebsd.org" >
add sysctl security.jail.allow_raw_sockets=1 or in /etc/sysctl.conf on the host (not in in the jail) Cordialement --------------------------------------------------------- (°> Dhénin Jean-Jacques / ) 48, rue de la Justice 78300 Poissy ^^ jean-jacq...@dhenin.fr --------------------------------------------------------- _______________________________________________ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"