Re: jail created with ip4=new and ipv4.addr shows ip4=disable on jail -s

Reply: Kurt Jaeger : "Re: jail created with ip4=new and ipv4.addr shows ip4=disable on jail -s"
In reply to: Kurt Jaeger : "jail created with ip4=new and ipv4.addr shows ip4=disable on jail -s"
Go to: [ bottom of page ] [ top of archives ] [ this month ]

From: James Gritton <jamie_at_gritton.org>
Date: Sat, 23 Jul 2022 17:06:15 UTC

On 2022-07-23 04:56, Kurt Jaeger wrote:
> Hello,
> 
> On a 13.1 box:
> 
> The jail is created with:
> 
> /usr/sbin/jail -c allow.raw_sockets allow.sysvipc devfs_ruleset=4
> host.hostname=somehostname path=/somepath ip4=new ip4.addr=<someipv4>
> ip6=new ip6.addr=<someipv6> command=/bin/sh /etc/rc
> 
> But:
> 
> jail -s
> 
> displays:
> 
> [...] ip4=disable ip6=disable
> 
> Is that a bug and if not, why does it behave like that ?

It's a bug in the reporting.  ip4 is presented as a jailsys parameter 
with its values of disable, inherit, and new.  jail_get(2) reports such 
values based on flags in the prison structure, but ip4 and ip6 are only 
stored as a single bit with disable indistinguishable from new.  
jail_get should be looking at the number of IP addresses, which is what 
tells the difference.

- Jamie