tell me how to share openvpn interface(tun0) in the main system for jail and use it in jail
In main host(openvpn interface):
tun0: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> metric 0 mtu 1500
options=80000<LINKSTATE>
inet 10.56.52.1 --> 10.56.48.253 netmask 0xffffffff
nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
groups: tun
Opened by PID 95844
ping 10.56.48.253 - ok
In jail(he looks like this):
tun0: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> metric 0 mtu 1500
options=80000<LINKSTATE>
groups: tun
Opened by PID 95844
ping 10.56.48.253 - not pinged
To ping from jail allow_raw_sockets must be enabled.
# sysctl security.jail.allow_raw_sockets=1
See Jail. Ping to Host, Operation not permitted.
Example jail.conf
test_01 {
host.hostname = "test_01";
ip4.addr = 127.0.2.1,10.1.0.51;
allow.raw_sockets = "true";
mount.devfs = "true";
User contributions licensed under CC BY-SA 3.0