Thank you, that fixed it.
After all the other stuff (some of which also had it broke), it was a 1...
ARGH!
Thanks again, I am now the proud owner of a shiny new jail to put all
my processes behind bars inside of.
:-)
On 2/24/07, Philipp Wuensche <[EMAIL PROTECTED]> wrote:
Jim Stapleton wrote:
Jim Stapleton wrote:
>
> Issue not confused, but it did give me some "try this" tests.
> Unfortunately I still cant connect to anything outside of the jail,
> not even to the host.
> SSHing into jail does not work, into host does.
> [EMAIL PROTECTED] 07:54:40 (0) /usr/ports > jail /jail/ legolas
OK, I managed to get it so something else wasn't grabbing *.*, dunno
what made that happen. What you said made me think "Hey, there was
something in the man pages about starting services", I figured I ought
test that out. So I did:
Pre-Jail process/netstat:
[EMAIL PROTECTED] 07:52:14 (0) /usr/
addendum, I fixed syslogd by adding this to my rc.conf:
syslogd_flags="-b 192.168.1.84"
However, looking through netstat's man page, I couldn't find the name
of the flag (if it exists) that will show the process name. Does that
require a different tool?
Thank you,
-Jim Stapleton
On 2/24/07, J
OK, I have a fairly sizeable list, but it looks like most stuff is
bound to 192.168.1.84 except two things, one is closed, and the other
is syslog (guess I have to look at it's man page). It also looks like
there is something else there. I guess I'll be looking at the netstat
man page to figure ou
Am Samstag, 24. Februar 2007 04:21 schrieb Jim Stapleton:
> I did the ssh after you did the previous mail, but it didn't fix the
> problem.
>
> I'm not having problems senmail or named, they were simply mentioned
> in the man page. I never had named running, and I didn't realize
> sendmail was runn
I did the ssh after you did the previous mail, but it didn't fix the problem.
I'm not having problems senmail or named, they were simply mentioned
in the man page. I never had named running, and I didn't realize
sendmail was running. The latter was my problem with sendmail. That
problem as I said
I saw them in there, but that section seemed to be lacking in what I
needed to do... I admit I missed the alias until someone reminded me.
by lacking I mean:
To configure sshd(8), it is necessary to modify /etc/ssh/sshd_config.
doesn't tell me what I need to change, and I couldn't find the an
Am Samstag, 24. Februar 2007 02:06 schrieb Jim Stapleton:
> yes, I can ping it from this machine, other machines and jail.
>
> Going on that line, I tried to ssh to it, and I got into the host
> system. My problem is in the sshd config I think then? I'm pretty sure
Please, read man (8) jail.
All y
yes, I can ping it from this machine, other machines and jail.
Going on that line, I tried to ssh to it, and I got into the host
system. My problem is in the sshd config I think then? I'm pretty sure
there are no other daemons running on this system...
Oh, I guess I have devd and usbd, they shou
Jim Stapleton wrote:
> new host rc.conf:
>
> hostname="elrond.ameritech.net"
> #ifconfig_nve0="inet 192.168.1.84 netmask 255.255.255.0"
> ipv4_addrs_nve0="192.168.1.84-85/24 netmask 255.255.255.0"
/24 is already the netmask.
Can you ping the ipaddr. from another host in your network?
greetings,
It still does not function. I noticed the netmask and broadcast do not
look right, could this be it?
[EMAIL PROTECTED] 16:26:28 (0) ~ > ifconfig
nve0: flags=8843 mtu 1500
inet 192.168.1.84 netmask 0xff00 broadcast 192.168.1.255
inet 192.168.1.85 netmask 0x broadcast 192
At 02:38 PM 2/23/2007, Jim Stapleton wrote:
new host rc.conf:
hostname="elrond.ameritech.net"
#ifconfig_nve0="inet 192.168.1.84 netmask 255.255.255.0"
ipv4_addrs_nve0="192.168.1.84-85/24 netmask 255.255.255.0"
defaultrouter="192.168.1.1"
#ifconfig_nve0="DHCP"
usbd_enable="YES"
linux_enable="YES"
new host rc.conf:
hostname="elrond.ameritech.net"
#ifconfig_nve0="inet 192.168.1.84 netmask 255.255.255.0"
ipv4_addrs_nve0="192.168.1.84-85/24 netmask 255.255.255.0"
defaultrouter="192.168.1.1"
#ifconfig_nve0="DHCP"
usbd_enable="YES"
linux_enable="YES"
sshd_enable="YES"
sendmail_enable="NO"
inet
Jim Stapleton wrote:
> Jail:
> [EMAIL PROTECTED] 14:04:11 (0) ~ > sudo jail /jail/ legolas 192.168.1.85
> /bin/csh
> %telnet 192.168.1.4 25
> Trying 192.168.1.4...
> ^Z
> Suspended
> %kill %1
> [1]Terminatedtelnet 192.168.1.4 25
> %ifconfig -a
> nve0: flags=8843 mtu 1500
>
Nope, I didn't. I fixed that. It now doesn't give me an error, but at
the same time I still don't get incoming/outgoing network traffick:
(after turning on the variable to allow raw sockets - note: telnet to
my mailserver IP doesn't work either.):
jail /jail/ legolas 92.168.1.85 /bin/csh
%ping
At 02:07 PM 2/23/2007, Jim Stapleton wrote:
Jail:
[EMAIL PROTECTED] 14:04:11 (0) ~ > sudo jail /jail/ legolas 192.168.1.85
/bin/csh
%telnet 192.168.1.4 25
<..snip..>
[EMAIL PROTECTED] 14:02:11 (0) ~ > ifconfig -a
nve0: flags=8843 mtu 1500
inet 192.168.1.84 netmask 0xff00 broadca
Am Freitag, 23. Februar 2007 20:07 schrieb Jim Stapleton:
> Jail:
> [EMAIL PROTECTED] 14:04:11 (0) ~ > sudo jail /jail/ legolas 192.168.1.85
> /bin/csh %telnet 192.168.1.4 25
> Trying 192.168.1.4...
> ^Z
> Suspended
> %kill %1
> [1]Terminatedtelnet 192.168.1.4 25
> %ifconfi
Jail:
[EMAIL PROTECTED] 14:04:11 (0) ~ > sudo jail /jail/ legolas 192.168.1.85
/bin/csh
%telnet 192.168.1.4 25
Trying 192.168.1.4...
^Z
Suspended
%kill %1
[1]Terminatedtelnet 192.168.1.4 25
%ifconfig -a
nve0: flags=8843 mtu 1500
ether 00:13:d4:2e:2f:62
media
On Fri, Feb 23, 2007 at 03:25:00PM +, Jim Stapleton wrote:
> Thank you, it still did not connect using that. The mail server is a
> SMTP server. Also I copied over my host's resolve.conf file.
Hmm. Did you remember to set up the alias entry on your host machine?
What about firewall changes?
>
Jim Stapleton wrote:
> Thank you, that's at least useful testing, but it did not work. Jail
> is definetly not getting any network action.
>
> Would a host netstat output be useful? I looks pretty cryptic.
Can you please post the output of ifconfig and jls. From your rc.conf it
seems the ipaddr.
Thank you, that's at least useful testing, but it did not work. Jail
is definetly not getting any network action.
Would a host netstat output be useful? I looks pretty cryptic.
Thanks,
-Jim Stapleton
On 2/23/07, Jeff Palmer <[EMAIL PROTECTED]> wrote:
At 08:22 PM 2/22/2007, you wrote:
>I'd lik
Am Freitag, 23. Februar 2007 02:49 schrieb Jim Stapleton:
> oops, did a reply instead of reply all, sorry.
>
> My question was "what's the best way to test net connectivity in jail,
> csup?", and i did try csup (using a copy of my standard ports
For ping (and other ICMP tools etc.) you have to cha
At 08:22 PM 2/22/2007, you wrote:
I'd like to get Apache running in jail, but I can't seem to get
network working in jail.
<..snip..>
Anyway, when I go to jail, running csh (as root) in jail, I try/get:
%ping 192.168.1.1
ping: socket: Operation not permitted
You can't ping from a jail unl
Thank you, it still did not connect using that. The mail server is a
SMTP server. Also I copied over my host's resolve.conf file.
With all these hassles/headaches, would it be better/more secure for
me to settup Bochs or QEmu running a virtual BSD server?
Thanks,
-Jim Stapleton
On 2/23/07, Jona
On Fri, Feb 23, 2007 at 01:49:25AM +, Jim Stapleton wrote:
[...]
> I'm only using one jail (it'll run apache, mysql and possibly sftp)
The reason why I'm using ezjail to manage multiple jails is that each
jail only provides *one* external service, to minimise effects from
intrusion/breakage.
On Fri, Feb 23, 2007 at 01:49:25AM +, Jim Stapleton wrote:
> oops, did a reply instead of reply all, sorry.
>
> My question was "what's the best way to test net connectivity in jail,
> csup?", and i did try csup (using a copy of my standard ports
> supfile), it failed:
>
> %csup -g -L 2 /etc/
oops, did a reply instead of reply all, sorry.
My question was "what's the best way to test net connectivity in jail,
csup?", and i did try csup (using a copy of my standard ports
supfile), it failed:
%csup -g -L 2 /etc/supfile-ports
Parsing supfile "/etc/supfile-ports"
Connecting to cvsup12.Fre
On Fri, Feb 23, 2007 at 01:22:53AM +, Jim Stapleton wrote:
> I'd like to get Apache running in jail, but I can't seem to get
> network working in jail.
>
[...]
> Anyway, when I go to jail, running csh (as root) in jail, I try/get:
>%ping 192.168.1.1
>ping: socket: Operation not permit
I'd like to get Apache running in jail, but I can't seem to get
network working in jail.
I followed the instructions in the man page for jail so far, breating
the world install in my jail directory (/jail), which is the only BSD
partition on the drive (ad8s3d, ad8s3b is swap, and ad8s3c is that
w
30 matches
Mail list logo