Hi,
Would virtualizing mac_portacl be a low hanging fruit?
It seems rather interesting for rootless vnet jails
Thanks,
Nikos
On 02/06/18 10:50, wishmaster wrote:
Hi,
with help of racct I can limit CPU per jail.
This rules works as expected for individual jails
jail:jcctv:pcpu:deny=190
jail:jwww:pcpu:deny=190
jail:jphp:pcpu:deny=190
jail:jdb:pcpu:deny=190
But I need pcpu=190 for all jails. Is it possible?
jail:*:pc
Hi Kurt,
On 02/19/2017 12:56 PM, Kurt Jaeger wrote:
We had this running with FreeBSD 6.x, but unionfs had issues,
among them the whiteout problem.
I am not sure exactly when unionfs was re-written...
Sometime during 7-CURRENT but I am not sure if everything was
backported to 6.
It seems lik
Hi Kurt,
On 02/19/2017 12:59 PM, Kurt Jaeger wrote:
Ah, to correct myself here: We only used unionfs, not in combination
with nullfs. Can you describe why nullfs with unionfs does not
work in 11 ?
It panics easily. I use the following shell script to create a working
environment:
PREFIX=/jai
Hi,
One relatively cheap way to create thin jails in the pre-ZFS era,
was to combine nullfs and unionfs (1). This seem to work only in
10 and previous branches. Do you use such a combination?
It seems like a very relevant feature nowadays, when people
use all these cloud-based systems, which oft
On 04/28/15 01:13, Ricky G wrote:
you have no path specified however this is always an option.
I know. Although this time not a deliberate one;)
delete allow.mount.devfs and mount.devfs
mount.fstab="/etc/fstab.firepad";
/etc/fstab.firepad:devfs $path devfs rw,ruleset=8
Sorry for the noise, I have forgotten to set the jail's root!
On 04/28/15 00:28, Nikos Vassiliadis wrote:
Hi,
I am trying to mount devfs inside a jail and it seems that I
am doing something wrong.
My jail.conf:
firepad {
persist;
host.hostname = "firepad.local&quo
Hi,
I am trying to mount devfs inside a jail and it seems that I
am doing something wrong.
My jail.conf:
firepad {
persist;
host.hostname = "firepad.local";
ip4.addr = 10.65.0.111;
allow.mount.devfs;
mount.devfs;
}
When I try to start the jail I get this
On 10/24/14 14:25, Marcin Michta wrote:
Someone know where I can find some technical information about vnet/vimage?
So far I have found only few lines, but nothing specific.
Hi Martin,
check this:
https://wiki.freebsd.org/200705DevSummit?action=AttachFile&do=view&target=virtnet-devsummit
On 06/06/2013 02:28 PM, Gleb Smirnoff wrote:
M> > module unload is broken:( Maybe it can be fixed at a (bit) later date?
M>
M> I don't think Gleb will be happy with this. Some time ago he removed
M> some vimage related stuff to prevent crashing on module unload (see
M> r229849). Actually your pat
Hi,
Comments below.
On 06/05/2013 10:52 AM, Mikolaj Golub wrote:
1) It looks like the patch can be split on several parts. A log
message to every change describing why it is needed and what problem
solves would be very helpful. As a tool to maintain such changes I
personally prefer git.
I'll
Hi,
Please review this patch. It fixes some problems with pf and vimage.
For the time being only pf works. ALTQ, pflog, pfsync are not changed
nor tested but as time permits, I'll work on them. Basic packet
filtering functionality per VNET should be ok.
Thanks in advance for reviewing,
Nikos
In
On 05/01/2013 11:43 PM, Joe wrote:
Do you have first hand experience getting "ipfw kernel nat" to work in a
vimage jail
ipfw nat should work in a vnet jail.
HTH, Nikos
___
freebsd-jail@freebsd.org mailing list
http://lists.freebsd.org/mailman/listin
On 04/25/2013 02:49 PM, Laurent Alebarde wrote:
I am afraid you have convinced me with zulu to go on.
oh I see:)
Though not being able to use dummynet nor altq is a real drawback.
But if I don't abuse myself, I read contradictory things. So I raise the
question : Is pf/altq usable in the
On 04/25/2013 07:40 AM, zulu wrote:
VNET is supported and there is a "soft" jail restart option which
prevents the "kern/164763: Memory leak in VNET" issue from appearing.
This is a really interesting workaround!
Yes, ipfw is vnet-capable since a long time and it works as good
as the non-virtu
a number referring to two different jails.
So while this does seem to break the dot-separate namespace concept,
it's necessary because jails aren't always referred to by the full
hierarchical name.
- Jamie
On 03/22/12 11:18, Nikos Vassiliadis wrote:
I found this somehow strange beh
Hi,
I found this somehow strange behavior and I am reporting it
just to hear your opinions.
lab# jail -c name=asd persist
lab# jail -c name=asd.asd persist
asd is interpreted as jail asd.asd
lab# jail -c name=asd.asd.1 persist
jail: jail 1 already exists
1 is interpreted as jail 1
This h
On 3/19/2012 9:04 AM, Palle Girgensohn wrote:
Nikos Vassiliadis skrev:
On 3/19/2012 12:47 AM, Palle Girgensohn wrote:
Hi!
When I create an epair and pu one end inside a jail, and give that
interface an IP address, the jail still seems to want to use the lo0
interface to route traffic to
On 3/19/2012 12:47 AM, Palle Girgensohn wrote:
Hi!
When I create an epair and pu one end inside a jail, and give that
interface an IP address, the jail still seems to want to use the lo0
interface to route traffic to that interface on the inside.
Everything else works, I can set up bridges just
On 1/4/2012 3:10 AM, Andrew Hotlab wrote:
I noticed a strange behavior some days ago, but I can't say how much
long it have been happening for. Some processes which are running in
different jails on the same host seems to be listening on all host IPs.
Here is an example:
#sockstat -4l | grep "4
> Hi,
>
> I have problem with binding port to localhost inside of jail (ezjail).
>
> instead of this:
> vscan perl 51376 5 tcp4 194.xxx.yyy.22:10024
>
> I need this:
> vscan perl 51376 5 tcp4 127.0.0.1:10024
>
> Is it possible to bind anything inside jail to 127.0.0.1?
Yes,
Hi,
Out of curiosity, why jail_attach() does not
chdir() to the new root?
It seems like something worth mentioning in jail(2).
Thanks, Nikos
___
freebsd-jail@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-jail
To unsubscribe
Brandon Gooch wrote:
Also, you may check this out, it's pretty neat:
http://old.tel.fer.hr/imunes/
Those who like IMUNES, have to check CORE out.
http://cs.itd.nrl.navy.mil/work/core/index.php
___
freebsd-jail@freebsd.org mailing list
http://lists
Eirik Øverby wrote:
On 2. okt. 2010, at 15:12, Nikos Vassiliadis wrote:
Peter Ankerstål wrote:
On 2 okt 2010, at 15.06, Nikos Vassiliadis wrote:
Peter Ankerstål wrote:
Anyone here used the VIMAGE together with jail?
Is this some kind of poll?:)
I have used VIMAGE and jail.
Nikos
Haha
Peter Ankerstål wrote:
On 2 okt 2010, at 15.06, Nikos Vassiliadis wrote:
Peter Ankerstål wrote:
Anyone here used the VIMAGE together with jail?
Is this some kind of poll?:)
I have used VIMAGE and jail.
Nikos
Haha, sorry. Just wanted some pointers.
do ask
Peter Ankerstål wrote:
Anyone here used the VIMAGE together with jail?
Is this some kind of poll?:)
I have used VIMAGE and jail.
Nikos
___
freebsd-jail@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-jail
To unsubscribe,
On 7/23/2010 3:09 PM, Paul Schenkeveld wrote:
Since FreeBSD 8 jails support virtual networking (a.k.a. vimage). It
looks like it should be possible to do CARP between jails using vnet
instances. You'd need to do some network plumbing to get a virtual
bus topology network between the jails (ng_e
Nikos Vassiliadis wrote:
Is it possible to create a vimage with the jail(8) command?
Or one have still to use the tools/tools/vimage command?
Sorry for the noise, I've just saw a two weeks old post from Jamie
Gritton, mentioning that the vnet parameter should be used:
This patch
Hi,
Is it possible to create a vimage with the jail(8) command?
Or one have still to use the tools/tools/vimage command?
Thanks, Nikos
___
freebsd-jail@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-jail
To unsubscribe, sen
29 matches
Mail list logo
