[PC-BSD Testing] BIND problem in jail

Jeff dejamuse at yahoo.com
Fri Mar 26 06:31:39 PDT 2010


Yes created with the Warden (in 7.1.1).

Output of jls:

   JID  IP Address      Hostname                      Path
     1  192.168.1.12    Drupal                        /usr/local/warden/jails/192.168.1.12
     2  10.1.1.1        pcbsd-2276                    /usr/jails/portjail

Contents of etc/pf.conf:

set skip on lo0
set block-policy return
scrub in all
nat on lagg0 from lo1:network to any -> (lagg0)
nat on re0 from lo1:network to any -> (re0)
block in log
antispoof quick for lo0 inet
block in from no-route to any
pass out keep state
table <blacklist> persist file "/etc/blacklist"
pass inet proto icmp from any to any
pass inet6 proto icmp6 from any to any
pass in proto {tcp,udp} from any to any port 49152:65535 keep state
block from <blacklist> to any
pass in on re0 proto tcp from any to (re0) port 80 keep state
pass in on re0 proto udp from any to (re0) port 138 keep state
pass in on re0 proto udp from any to (re0) port 111 keep state
pass in on re0 proto udp from any to (re0) port 1110 keep state
pass in on re0 proto udp from any to (re0) port 2049 keep state
pass in on re0 proto udp from any to (re0) port 4045 keep state
pass in on re0 proto tcp from any to (re0) port 445 keep state
pass in on re0 proto tcp from any to (re0) port 137 keep state
pass in on re0 proto tcp from any to (re0) port 139 keep state
pass in on re0 proto tcp from any to (re0) port 111 keep state
pass in on re0 proto tcp from any to (re0) port 1110 keep state
pass in on re0 proto tcp from any to (re0) port 4045 keep state
pass in on lagg0 proto udp from any to (lagg0) port 137 keep state
pass in on lagg0 proto udp from any to (lagg0) port 138 keep state
pass in on lagg0 proto udp from any to (lagg0) port 111 keep state
pass in on lagg0 proto udp from any to (lagg0) port 1110 keep state
pass in on lagg0 proto udp from any to (lagg0) port 2049 keep state
pass in on lagg0 proto udp from any to (lagg0) port 4045 keep state
pass in on lagg0 proto tcp from any to (lagg0) port 445 keep state
pass in on lagg0 proto tcp from any to (lagg0) port 137 keep state
pass in on lagg0 proto tcp from any to (lagg0) port 139 keep state
pass in on lagg0 proto tcp from any to (lagg0) port 111 keep state
pass in on lagg0 proto tcp from any to (lagg0) port 1110 keep state
pass in on lagg0 proto tcp from any to (lagg0) port 4045 keep state
pass out on re0 proto tcp from any to (re0) port 80 keep state
pass in on re0 proto tcp from any to (re0) port 8080 keep state
pass out on re0 proto tcp from any to (re0) port 8080 keep state
pass in on lagg0 proto tcp from any to (lagg0) port 80 keep state
pass out on lagg0 proto tcp from any to (lagg0) port 80 keep state


--- On Fri, 3/26/10, Kris Moore <kris at pcbsd.org> wrote:

From: Kris Moore <kris at pcbsd.org>
Subject: Re: [PC-BSD Testing] BIND problem in jail
To: testing at lists.pcbsd.org
Date: Friday, March 26, 2010, 5:18 AM





  
On 03/26/2010 10:13, Jeff wrote:

  
    
      
        I completely reinstalled the system from scratch, but
PCBSD apparently doesn't understand what that means as it found
everything from the old system including all PBIs, system configs -
everything.  It looks like nothing happened AND I still have this
problem with the jail.  

        

Also noticed on shutdown, when stopping jail it reports that "interface
Lo1does not exist".

        

Why can't I do a real fresh install?  Do I have to wipe the disk clean
first?

        

HELP!  I'm dead in the water for Drupal development until I get this
fixed.

        

Tnx, Jeff

        

        
      
    
  





Jeff,



We should be able to figure this out. These are jails created with the
"warden" or manually?



Send me the output of "jls" on the system, along with your /etc/pf.conf
file. It's possible that something in the PF config is causing this
issue. 









-- 
Kris Moore
PC-BSD Software
iXsystems
 

-----Inline Attachment Follows-----

_______________________________________________
Testing mailing list
Testing at lists.pcbsd.org
http://lists.pcbsd.org/mailman/listinfo/testing



      
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.pcbsd.org/pipermail/testing/attachments/20100326/3d6d2529/attachment.html>


More information about the Testing mailing list