On Thu, 4 Jun 2009, Dirk Engling wrote: Hi,
However, grep -R 127.0.0.1 /etc reveals, that sendmail in many places assumes localhost to be on 127.0.0.1 instead of looking it up in /etc/hosts or using 127.0.0.0/8 to identify a local connection.
or possibly other methods that would find even more things to be "local".
I worry that more programmers made those assumptions, possibly breaking more tools.
yes, bind tools are another of those things that have problems with various address magics.
My question is: Who's the right guy to beg to fix sendmail or alternatively would it be smart to allow each jail to have its own
If programmers assume 127.0.0.1 is hte one and only loopback it's because of two things - 1) this has been done in the very old days where people updated the hosts file with uucp to know all hosts in the nwetwork and was never updated. or 2) they are clueless or lazy.
concept of 127.0.0.1 on a dummy interface mapped to all jails, that
As others mentioned connection from/to 127.0.0.1 will be mapped to the primary address of the jail; if you listen on 127.0.0.1 and the primary address is a public address you will be visible to the world (given your base system routes and permits that address to be reached). But that's been like that since probably 4.0. With the virtual network stack you will be bale to have your own loopback with each jail do not even think about doing something like this; it would never ever hit the tree anymore and it has been done by others already (for you - and others;). /bz -- Bjoern A. Zeeb The greatest risk is not taking one. _______________________________________________ freebsd-hackers@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-hackers To unsubscribe, send any mail to "freebsd-hackers-unsubscr...@freebsd.org"
