[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [ezjail] ezjail and ipfw



Jack,

Even more simply put (and really, you should test this so you see it in
action and understand jails better),
 inside a jail  * = the IP assigned to it.
 inside the 'non jail system' * = all the ips on the box.

So, if you have
 IP   Hostname
 10.0.0.2 jailA
 10.0.0.3 jailB
 10.0.0.4 jailC
and you log onto jailA and bing apache to * then it will be listening
only to 10.0.0.2.  Type ifconfig inside of jailA and you will only see
10.0.0.2.  type ifconfig while logged into jailC an you will only see
10.0.0.4.

Oh, you can log into jails from the 'host'  (eg non-jailed, master
FreeBSD instance) with the jexec command.
jls (list jails)
jexec PICK_NUMBER_FROM_JLS tcsh
ifconfig -a


Good luck!

Rudy

>> Jack,
>>
>> services inside jail will only listen to  addresses assigned to jail.
>> They wont try to listen to any other system address. All you should take
>> care of are host services (i had to make changes to ssh and ntpd configs
>> myself).
>>
>> Ruben
>>