Re: Jails and loopback interfaces

I would recommend *not* trying to use You'll end up in a
situation where things are trying to access the local machine and are
getting the jail instead.

Instead, I recommend schlopping another IP address, an alias, onto the
loopback interface, just as you would with any other jail. Use an RFC
1918 address, and, as with all jails, use a netmask of 32 bits.

On Wed, 8 Mar 2006, Axel Scheepers wrote:

On Tue, 2006-03-07 at 13:02 -0300, Ricardo A. Reis wrote:
Hi Cyril,

For access loopback inside the jail, is necessary configure in host server
alias for loopback and start jail using loopback.
Remember loopback address is all 127/8 !

I just recently tried jails but I thought would be mapped to
the jails ip-address, which eventually gets mapped to the ip specified
in the parameter or rc.conf. I could be wrong though although my
test-jail setup confirms this on 6.1-PRERELEASE:
test-jail# telnet localhost 22
Trying ::1...
Connected to localhost.
Escape character is '^]'.
SSH-2.0-OpenSSH_4.2p1 FreeBSD-20050903

Kind regards,

Axel Scheepers

Never worry about theory as long as the machinery does what it's supposed to do.
-- R. A. Heinlein

freebsd-security@xxxxxxxxxxx mailing list
To unsubscribe, send any mail to "freebsd-security-unsubscribe@xxxxxxxxxxx"