Thread: Internet access within jail
View Single Post
  #3   (View Single Post)  
Old 26th June 2008
Weaseal's Avatar
Weaseal Weaseal is offline
Package Pilot
  
Join Date: May 2008
Location: East Coast, US
Posts: 177
Default
On the host:
Code:
$ cat /etc/rc.conf
gateway_enable="YES"
hostname="myhost.com"
ifconfig_dc0="DHCP"
keyrate="fast"
moused_enable="YES"
sshd_enable="YES"

ifconfig_dc0_alias0="inet 10.10.10.10 netmask 255.255.255.255"

jail_enable="YES"   # Set to NO to disable starting of any jails
jail_list="songbird"     # Space separated list of names of jails

jail_songbird_interface="dc0"
jail_songbird_rootdir="/usr/jails/songbird"     # jail's root directory
jail_songbird_hostname="songbird.myhost.com"    # jail's hostname
jail_songbird_ip="10.10.10.10"           # jail's IP address
jail_songbird_devfs_enable="YES"          # mount devfs in the jail
jail_songbird_devfs_ruleset="devfsrules_jail" # devfs ruleset to apply to jail

jail_songbird_exec_start="/bin/sh /etc/rc"
jail_songbird_exec_stop="/bin/sh /etc/rc.shutdown"

pf_enable="yes"
pf_rules="/etc/pf.conf"
And,
Code:
$ cat /etc/pf.conf
nat on dc0 from 10.10.10.0/24 to any -> (dc0)
pass in all
pass out all
And,
Code:
$ ifconfig
dc0: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> mtu 1500
        options=8<VLAN_MTU>
        inet 192.168.0.5 netmask 0xffffff00 broadcast 192.168.0.255
        inet 10.10.10.10 netmask 0xffffffff broadcast 10.10.10.10
        ether 00:a0:cc:d6:d2:ee
        media: Ethernet autoselect (100baseTX)
        status: active
re0: flags=8802<BROADCAST,SIMPLEX,MULTICAST> mtu 1500
        options=1b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING>
        ether 00:11:09:96:a7:ad
        media: Ethernet autoselect (100baseTX <half-duplex>)
        status: no carrier
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 16384
        inet6 fe80::1%lo0 prefixlen 64 scopeid 0x3
        inet6 ::1 prefixlen 128
        inet 127.0.0.1 netmask 0xff000000
From within the jail:
Code:
# ping 192.168.0.33
ping: socket: Operation not permitted
And,
Code:
$ ifconfig
dc0: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> mtu 1500
        options=8<VLAN_MTU>
        inet 10.10.10.10 netmask 0xffffffff broadcast 10.10.10.10
        ether 00:a0:cc:d6:d2:ee
        media: Ethernet autoselect (100baseTX)
        status: active
re0: flags=8802<BROADCAST,SIMPLEX,MULTICAST> mtu 1500
        options=1b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING>
        ether 00:11:09:96:a7:ad
        media: Ethernet autoselect (100baseTX <half-duplex>)
        status: no carrier
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 16384
Any guesses?
__________________
FreeBSD addict since 4.2-RELEASE.
My FreeBSD wiki.
Last edited by Weaseal; 26th June 2008 at 12:41 AM.
Reply With Quote