Re: Jails and loopback interfaces

From: Josh Bell <josh@xxxxxxxxxx>
Date: Tue, 07 Mar 2006 13:08:06 -0600

For what its worth. It seems like it would be a better idea to use the
file socket instead of connecting to an IP. You could then mount the
socket within the jail, if I am not mistaken.

----
Joshua Bell - <josh@xxxxxxxxxx>

Cyril Jaouich wrote:

Hi,

Running: Freebsd 6.0

I am wondering if it is possible to have acces to loopback ip in a jail. I
currently have a server running a jail. In the jail, there is a database and a
web server. I would like to be able to have the database only bind on a
loopback address and not on the jail's ip.

Can this be done and how?

Thanks

-Cyril

__________________________________________________________
Lèche-vitrine ou lèche-écran ?
magasinage.yahoo.ca
_______________________________________________
freebsd-security@xxxxxxxxxxx mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscribe@xxxxxxxxxxx"

_______________________________________________
freebsd-security@xxxxxxxxxxx mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscribe@xxxxxxxxxxx"

References:
- Jails and loopback interfaces
  - From: Cyril Jaouich

Prev by Date: Re: Jails and loopback interfaces
Next by Date: Re: Jails and loopback interfaces
Previous by thread: Re: Jails and loopback interfaces
Index(es):
- Date
- Thread

Relevant Pages

Jails and loopback interfaces
... I am wondering if it is possible to have acces to loopback ip in a jail. ... currently have a server running a jail. ... I would like to be able to have the database only bind on a ...
(FreeBSD-Security)
RE: Jails and loopback interfaces
... * runs webserver ... * runs database server ... Packets leaving a jail are not limited to leaving the host machine on the same interface that the jail is bound to. ... The jail is limited to sending packets from, and receiving packets to the IP address that its bound to, but those packets can go out, or come in, any interface on the host machine. ...
(FreeBSD-Security)
Re: Jails and loopback interfaces
... I have a webserver in a jail that needs to talk to a database, and the webserver is the only thing that should talk to the databse. ... ipfw add allow tcp from any to $JAIL keep-state setup ...
(FreeBSD-Security)
SUMMARY: Jails and loopback interfaces
... Server A hosts a jail B ... Limit acces to the database by binding the database on the loopback address ...
(FreeBSD-Security)
Re: Jails and loopback interfaces
... I have a webserver in a jail that ... >> database. ... packets forwarded to another system will usually be rejected by ...
(FreeBSD-Security)