Re: jailed process listening on host addresses

Wed, 04 Jan 2012 00:54:37 -0800 

On 1/4/2012 3:10 AM, Andrew Hotlab wrote:

I noticed a strange behavior some days ago, but I can't say how much
long it have been happening for. Some processes which are running in
different jails on the same host seems to be listening on all host IPs.
Here is an example:

#sockstat -4l | grep "4 \*:"
root mDNSRespon 69801 3 udp4 *:45258 *:*
root mDNSRespon 69801 4 udp4 *:5353 *:*
root unfsd 69761 3 udp4 *:2049 *:*
root unfsd 69761 4 tcp4 *:2049 *:*
root rpcbind 69703 7 udp4 *:111 *:*
root rpcbind 69703 8 udp4 *:732 *:*
root rpcbind 69703 9 tcp4 *:111 *:*
921 transmissi 29851 10 udp4 *:* *:*
931 asterisk 29805 25 udp4 *:* *:*


It's happening on several host right now (all are running FreeBSD/amd64
8.2-RELEASE-p5), with both UDP and TCP listeners. Any jail is using a
single unicast IP address. I really hope to miss something important...
or should I guess that these processes are "escaping" from the jails?! :S

Thank very much for any explanation anyone would be so kind to give me.


Could you share more about your setup?
ifconfig, jls, ps in the jail, commands given to create the jail...
I tried to reproduce the problem on a amd64 8.2-RELEASE, without
success.


callisto# ifconfig em0
em0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
        options=9b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM>
        ether 08:00:27:a0:7a:90
        inet 192.168.73.194 netmask 0xffffff00 broadcast 192.168.73.255
        inet 192.168.73.128 netmask 0xffffff00 broadcast 192.168.73.255
        media: Ethernet autoselect (1000baseT <full-duplex>)
        status: active
callisto# jail -c name=test persist ip4.addr=192.168.73.128
callisto# jls
   JID  IP Address      Hostname                      Path
     2  192.168.73.128                                /
callisto# jexec test nc -lu 20000 &
[1] 1130
callisto# sockstat -4l
USER     COMMAND    PID   FD PROTO  LOCAL ADDRESS         FOREIGN ADDRESS
root     nc         1130  3  udp4   192.168.73.128:20000  *:*
root     sendmail   857   4  tcp4   127.0.0.1:25          *:*
root     sshd       849   4  tcp4   *:22                  *:*
root     syslogd    561   7  udp4   *:514                 *:*


Nikos
_______________________________________________
[email protected] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-jail
To unsubscribe, send any mail to "[email protected]"

Reply via email to