[Bug 253435] Jail does not create tunnel (wireguard) interface alias.
bugzilla-noreply at freebsd.org
bugzilla-noreply at freebsd.org
Thu Feb 11 18:16:03 UTC 2021
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=253435
--- Comment #1 from Jamie Gritton <jamie at FreeBSD.org> ---
jail(8) will automatically run "ifconfig alias <ifname> <ipaddr>" on startup
(and "-alias" on shutdown). But it's interface-agnostic, and doesn't know
things like the tunnel interface needing the address twice (which I didn't know
either).
So anything more complicated than a single address added to an existing
interface is going to take you running the commands yourself. For your setup,
I think this should work:
{
ip4.addr = 192.168.0.10;
exec.prestart = "ifconfig wgnet0 alias inet ${ip4.addr} ${ip4.addr}";
exec.poststop = "ifconfig wgnet0 -alias inet ${ip4.addr} ${ip4.addr}";
}
Keeping track of what requirements different interfaces might need is a
potential can of worms beyond the scope of jail(8).
--
You are receiving this mail because:
You are the assignee for the bug.
More information about the freebsd-jail
mailing list