Re: Jails can't get routing info
On 1. May 2012, at 19:41 , David Thiel wrote:
> Hello,
>=20
> So, I've been trying to debug an issue running nmap scans within =
jails,=20
> partially documented here:
>=20
> http://seclists.org/nmap-dev/2012/q2/220
>=20
> On further debugging, it's seeming like jails can't read routing=20
> information directly at all:
>=20
> # route get 69.163.203.254
> route: writing to routing socket: No such process
>=20
> Now, this is normally done via reading the routing table via something =
like=20
> socket(PF_ROUTE, SOCK_RAW, AF_INET), so one would suspect that this is =
a=20
> problem with raw sockets; but raw sockets are enabled within the jail.=20=
> netstat is able to read routing information just fine, but I don't =
think=20
> it's doing it via the socket() call.
hmm, sure you don't have /dev/mem in the jail? netstat -rn I think is =
still
using libkvm *sigh* and not the sysctl API.
> Anyone know why this behavior might be happening?
Without thinking too much (as in if I got the right case) I think you =
are
hitting this one:
=
http://svnweb.freebsd.org/base/head/sys/net/rtsock.c?annotate=3D234572#l79=
2
/bz
--=20
Bjoern A. Zeeb You have to have visions!
It does not matter how good you are. It matters what good you do!
_______________________________________________
freebsd-stable@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to "freebsd-stable-unsubscribe@freebsd.org"
討論串 (同標題文章)
完整討論串 (本文為第 2 之 5 篇):