Re: Jails can't get routing info
On 2. May 2012, at 05:11 , Jason Hellenthal wrote:
> On Tue, May 01, 2012 at 09:01:33PM +0000, Bjoern A. Zeeb wrote:
>> On 1. May 2012, at 19:41 , David Thiel wrote:
>>=20
>>> Hello,
>>>=20
>>> So, I've been trying to debug an issue running nmap scans within =
jails,=20
>>> partially documented here:
>>>=20
>>> http://seclists.org/nmap-dev/2012/q2/220
>>>=20
>>> On further debugging, it's seeming like jails can't read routing=20
>>> information directly at all:
>>>=20
>>> # route get 69.163.203.254
>>> route: writing to routing socket: No such process
>>>=20
>>> Now, this is normally done via reading the routing table via =
something like=20
>>> socket(PF_ROUTE, SOCK_RAW, AF_INET), so one would suspect that this =
is a=20
>>> problem with raw sockets; but raw sockets are enabled within the =
jail.=20
>>> netstat is able to read routing information just fine, but I don't =
think=20
>>> it's doing it via the socket() call.
>>=20
>> hmm, sure you don't have /dev/mem in the jail? netstat -rn I think is =
still
>> using libkvm *sigh* and not the sysctl API.
>>=20
>=20
> Good lord I hope this makes it down to stable/8
Pardon, what do you mean?
>=20
>>=20
>>> Anyone know why this behavior might be happening?
>>=20
>> Without thinking too much (as in if I got the right case) I think you =
are
>> hitting this one:
>>=20
>> =
http://svnweb.freebsd.org/base/head/sys/net/rtsock.c?annotate=3D234572#l79=
2
--=20
Bjoern A. Zeeb You have to have visions!
It does not matter how good you are. It matters what good you do!
_______________________________________________
freebsd-stable@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to "freebsd-stable-unsubscribe@freebsd.org"
討論串 (同標題文章)
完整討論串 (本文為第 4 之 5 篇):