如何将 FreeBSD Jail 连接到网络

tag-icon tag-icon freebsd jail
如何将 FreeBSD Jail 连接到网络

最近我成功安装并配置了一个freebsd jail,我想在我的监狱内安装软件,但我无法连接到网络。我正尝试apache+php+mysql在监狱内设置安装并让用户可以访问网络服务器。这是我的rc.conf监狱。

...
jail_enable="YES"   # Set to NO to disable starting of any jails
jail_list="mambo2"     # Space separated list of names of jails

jail_mambo2_rootdir="/usr/jails/j01"     # jail's root directory
jail_mambo2_hostname="mambo2.ug"  # jail's hostname
jail_mambo2_ip="192.168.100.174"           # jail's IP address
jail_mambo2_devfs_enable="YES"          # mount devfs in the jail
jail_mambo2_devfs_ruleset="mambo2_ruleset" # devfs ruleset to apply to jail

这是我的监狱ifconfig输出

mambo2# ifconfig
rl0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
        options=8<VLAN_MTU>
        ether 00:c1:28:00:48:db
        media: Ethernet autoselect (100baseTX <full-duplex>)
        status: active
plip0: flags=108810<POINTOPOINT,SIMPLEX,MULTICAST,NEEDSGIANT> metric 0 mtu 1500
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384
mambo2#

它没有显示我在 中配置的 IP 地址/etc/rc.conf。但是,当我列出正在运行的 jail 时,它显示了正确的 IP 地址。

jails以下是正在运行的列表

[root@mambo /usr/home/jtumusiime]# jls
JID  IP Address      Hostname                      Path
5  192.168.100.174 mambo2.ug                     /usr/jails/j01

我还/etc/resolv.conf为名称服务器创建了一个。这个不存在,所以我不太确定是否有必要?

mambo2# cat /etc/resolv.conf 
nameserver  192.168.100.251
nameserver  8.8.8.8

mambo2#

我的主机有 4 个 IP 地址,3 个公共 IP 地址和 1 个私有 IP 地址:192.168.100.173

我尝试使用创建监狱ezjail,但没有成功。

[root@mambo /usr/src]# ezjail-admin update -p -i
Error: Cannot find your copy of the FreeBSD source tree in .
  Consider using 'ezjail-admin install' to create the base jail from an ftp server.
[root@mambo /usr/src]#

freebsd 7.1我有来自 SVN 的源树的更新副本/usr/src/

[root@mambo /usr/src]# svn info
Path: .
URL: http://svn.freebsd.org/base/release/7.1.0
Repository Root: http://svn.freebsd.org/base
Repository UUID: ccf9f872-aa2e-dd11-9fc8-001c23d0bc1f
Revision: 243371
Node Kind: directory
Schedule: normal
Last Changed Author: kensmith
Last Changed Rev: 186660
Last Changed Date: 2009-01-01 01:57:14 +0300 (Thu, 01 Jan 2009)

[root@mambo /usr/src]#

我做到了

#make buildworld

在建造第一座监狱时mambo2

以下是输出的摘录ezjail-admin install

...
221 Goodbye.
Trying 193.162.146.4...
Connected to ftp.freebsd.org.
220 ftp.beastie.tdk.net FTP server (Version 6.00LS) ready.
331 Guest login ok, send your email address as password.
230 Guest login ok, access restrictions apply.
Remote system type is UNIX.
Using binary mode to transfer files.
200 Type set to I.
550 pub/FreeBSD-Archive/old-releases/i386/7.1-RELEASE/base: No such file or directory.
221 Goodbye.

Could not fetch base from ftp.freebsd.org.
  Maybe your release (7.1-RELEASE) is specified incorrectly or the host ftp.freebsd.org     does not provide that release build.
  Use the -r option to specify an existing release or the -h option to specify an     alternative ftp server.
Querying your ftp-server... The ftp server you specified (ftp.freebsd.org) seems to         provide the following builds:
Trying 193.162.146.4...
total 10
drwxrwxr-x  13 1006  1006   512 Feb 20  2011 8.2-RELEASE
drwxrwxr-x  13 1006  1006   512 Apr 10  2012 8.3-RELEASE
lrwxr-xr-x   1 1006  1006    16 Jan  7  2012 9.0-RELEASE -> i386/9.0-RELEASE
drwxrwxr-x   7 1006  1006  1024 Feb 19  2012 ISO-IMAGES
-rw-rw-r--   1 1006  1006   637 Nov 23  2005 README.TXT
drwxrwxr-x   5 1006  1006   512 Nov  2 02:59 i386

我不想升级我的freebsd安装。我在 Google 上搜索过,但都无济于事。

谢谢

答案1

您需要在 /etc/rc.conf 中添加一个条目,以确保在重启时重新创建别名。此外,您可能考虑使用 ezjail。

答案2

对于这种情况,通过主机将监狱 IP 配置为接口 rl0 上的虚拟 IP 可以解决此问题:

#ifconfig rl0 192.168.100.174 netmask 255.255.255.0 alias

相关内容