Jails and loopback interfaces
No at SPAM at mgEDV.net
nospam at mgedv.net
Mon May 8 14:01:47 UTC 2006
well, i got your ideas, btw, could someone please clarify this for me:
i configured a separate interface for the jailed dns-server:
ifconfig lo5 plumb
ifconfig lo5 10.10.5.1 netmask 255.255.255.0 up
the nameserver listenes on 10.10.5.1#55053 (everything's fine there).
although the dns-server is bound to the specific ip-address, which
again is bound to a separate interface, i do not see just one packet
with tcpdump on this interface. even the loopback interface lo0 does
not show anything.
instead, the packets are generated from my lan-interface myk0, which
has a route to the forwarder.
why are the packets generated on an interface, that the server is not
bound to and there is no redirect for?
More information about the freebsd-security
mailing list