Problems with JAIL in 4.8R

stakys stakys at punktas.lt
Tue Aug 5 07:46:29 PDT 2003


Mayby i have to add some rules to ipfw to that rl0 alias somehow? I dont
know how to add rule for rl0 alias, to allow all traffic. Because if just
adding rules for rl0 it do not helps.
----- Original Message -----
From: "Konstantin M Volevatch" <cox at rosnet.ru>
To: <stakys at punktas.lt>; <freebsd-security at freebsd.org>
Sent: Tuesday, August 05, 2003 3:31 PM
Subject: Re: Problems with JAIL in 4.8R


> Try this:
> ipfw add 52 allow ip from any to me via rl0
>
> В сообщении от 5 Август 2003 17:20 stakys at punktas.lt написал:
> > On Tue, Aug 05, 2003 at 12:56:36PM -0000, stakys at punktas.lt wrote:
> > > Hi, i've set the outside ip for the jail..It works.. When i try to ssh
to
> > > jail'ed system from the main system (in which is created jail) the
> > > connection is successful, but when i try to connect to jailed system
from
> > > anywhere else i get this message:
> > > ssh: connect to host IP_NUMBER port 22: Operation timed out
> > > What can be wrong here? How to solve this problem?
> > >
> > >>Are you running some sort of firewall on the main system?  You might
> > >>have to add additional rules allowing SSH into the jailed one...
> > >>
> > >>G'luck,
> > >>Peter
> >
> > I'm running IPFW but i put such a lines to ipfw.rules to be sure that
it's
> > not firewall's fault, about connecting to jail'ed system from outside.
> > Here are the lines:
> > ipfw add 50 allow ip from any to any via lo0
> > ipfw add 51 allow ip from any to any via rl0
> > _______________________________________________
> > freebsd-security at freebsd.org mailing list
> > http://lists.freebsd.org/mailman/listinfo/freebsd-security
> > To unsubscribe, send any mail to
"freebsd-security-unsubscribe at freebsd.org"
>
> --
> Konstantin M. Volevatch <cox at rosnet.ru>
> Internet Service Division, RosNet JSC, Moscow
> (095) 7813332 [local:4341]
>



More information about the freebsd-security mailing list