I'm on 11.1 U5. I created two new iocage jails last night (first time I've used them). I used the following command to create them:
iocage create -n flexget ip4_addr="re0|192.168.1.10/24" -r11.1-RELEASE
iocage set allow_raw_sockets=1 flexget
From any device on the 192.168.1.0/24 I can ping 192.168.1.10. From within the jail the first ping to any device on the network gets a reply but subsequent pings drop. After you've pinged the one device all pings are dropped. (see below)
Here's my ifconfig output:
Here's my iocage settings:
iocage create -n flexget ip4_addr="re0|192.168.1.10/24" -r11.1-RELEASE
iocage set allow_raw_sockets=1 flexget
From any device on the 192.168.1.0/24 I can ping 192.168.1.10. From within the jail the first ping to any device on the network gets a reply but subsequent pings drop. After you've pinged the one device all pings are dropped. (see below)
Code:
root@flexget:~ # ping 192.168.1.4 PING 192.168.1.4 (192.168.1.4): 56 data bytes 64 bytes from 192.168.1.4: icmp_seq=0 ttl=64 time=0.041 ms ^C --- 192.168.1.4 ping statistics --- 8 packets transmitted, 1 packets received, 87.5% packet loss round-trip min/avg/max/stddev = 0.041/0.041/0.041/0.000 ms root@flexget:~ # ping 192.168.1.4 PING 192.168.1.4 (192.168.1.4): 56 data bytes ^C --- 192.168.1.4 ping statistics --- 5 packets transmitted, 0 packets received, 100.0% packet loss root@flexget:~ # ping 192.168.1.5 PING 192.168.1.5 (192.168.1.5): 56 data bytes 64 bytes from 192.168.1.5: icmp_seq=0 ttl=64 time=0.046 ms ^C --- 192.168.1.5 ping statistics --- 6 packets transmitted, 1 packets received, 83.3% packet loss round-trip min/avg/max/stddev = 0.046/0.046/0.046/0.000 ms
Here's my ifconfig output:
Code:
root@flexget:~ # ifconfig re0: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500 options=82099<RXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM,WOL_MAGIC,LINKSTATE> ether 10:7b:44:7a:03:d4 hwaddr 10:7b:44:7a:03:d4 inet 192.168.1.10 netmask 0xffffff00 broadcast 192.168.1.255 media: Ethernet autoselect (1000baseT <full-duplex>) status: active lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384 options=600003<RXCSUM,TXCSUM,RXCSUM_IPV6,TXCSUM_IPV6> groups: lo vlan1: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500 options=80001<RXCSUM,LINKSTATE> ether 10:7b:44:7a:03:d4 media: Ethernet autoselect (1000baseT <full-duplex>) status: active vlan: 1 vlanpcp: 0 parent interface: re0 groups: vlan bridge0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500 ether 02:08:a6:58:2c:00 groups: bridge id 00:00:00:00:00:00 priority 32768 hellotime 2 fwddelay 15 maxage 20 holdcnt 6 proto rstp maxaddr 2000 timeout 1200 root id 00:00:00:00:00:00 priority 32768 ifcost 0 port 0 member: tap0 flags=143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP> ifmaxaddr 0 port 9 priority 128 path cost 2000000 member: epair3a flags=143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP> ifmaxaddr 0 port 8 priority 128 path cost 2000 member: epair2a flags=143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP> ifmaxaddr 0 port 7 priority 128 path cost 2000 member: epair1a flags=143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP> ifmaxaddr 0 port 6 priority 128 path cost 2000 member: epair0a flags=143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP> ifmaxaddr 0 port 5 priority 128 path cost 2000 member: re0 flags=143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP> ifmaxaddr 0 port 1 priority 128 path cost 20000 epair0a: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500 options=8<VLAN_MTU> ether 02:b5:d0:00:05:0a hwaddr 02:b5:d0:00:05:0a media: Ethernet 10Gbase-T (10Gbase-T <full-duplex>) status: active groups: epair epair1a: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500 options=8<VLAN_MTU> ether 02:b5:d0:00:06:0a hwaddr 02:b5:d0:00:06:0a media: Ethernet 10Gbase-T (10Gbase-T <full-duplex>) status: active groups: epair epair2a: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500 options=8<VLAN_MTU> ether 02:b5:d0:00:07:0a hwaddr 02:b5:d0:00:07:0a media: Ethernet 10Gbase-T (10Gbase-T <full-duplex>) status: active groups: epair epair3a: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500 options=8<VLAN_MTU> ether 02:b5:d0:00:08:0a hwaddr 02:b5:d0:00:08:0a media: Ethernet 10Gbase-T (10Gbase-T <full-duplex>) status: active groups: epair tap0: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500 options=80000<LINKSTATE> ether 00:bd:3d:f1:f8:00 hwaddr 00:bd:3d:f1:f8:00 media: Ethernet autoselect status: active groups: tap Opened by PID 10606
Here's my iocage settings:
Code:
CONFIG_VERSION:11 allow_chflags:0 allow_mount:0 allow_mount_devfs:0 allow_mount_nullfs:0 allow_mount_procfs:0 allow_mount_tmpfs:0 allow_mount_zfs:0 allow_quotas:0 allow_raw_sockets:1 allow_set_hostname:1 allow_socket_af:0 allow_sysvipc:0 available:readonly basejail:no boot:on bpf:no children_max:0 cloned_release:11.1-RELEASE comment:none compression:lz4 compressratio:readonly coredumpsize:off count:1 cpuset:off cputime:off datasize:off dedup:off defaultrouter:none defaultrouter6:none depends:none devfs_ruleset:4 dhcp:off enforce_statfs:2 exec_clean:1 exec_fib:0 exec_jail_user:root exec_poststart:/usr/bin/true exec_poststop:/usr/bin/true exec_prestart:/usr/bin/true exec_prestop:/usr/bin/true exec_start:/bin/sh /etc/rc exec_stop:/bin/sh /etc/rc.shutdown exec_system_jail_user:0 exec_system_user:root exec_timeout:60 host_domainname:none host_hostname:flexget host_hostuuid:flexget host_time:yes hostid:753effe2-a955-11e6-bc3c-bcee7b756a76 hostid_strict_check:off interfaces:vnet0:bridge0 ip4:new ip4_addr:re0|192.168.1.10/24 ip4_saddrsel:1 ip6:new ip6_addr:none ip6_saddrsel:1 jail_zfs:off jail_zfs_dataset:iocage/jails/flexget/data jail_zfs_mountpoint:none last_started:2018-07-18 11:21:45 login_flags:-f root mac_prefix:02ff60 maxproc:off memorylocked:off memoryuse:off mount_devfs:1 mount_fdescfs:1 mount_linprocfs:0 mount_procfs:0 mountpoint:readonly msgqqueued:off msgqsize:off nmsgq:off notes:none nsemop:off nshm:off nthr:off openfiles:off origin:readonly owner:root pcpu:off priority:99 pseudoterminals:off quota:none release:11.1-RELEASE-p11 reservation:none resolver:/etc/resolv.conf rlimits:off securelevel:2 shmsize:off stacksize:off state:up stop_timeout:30 swapuse:off sync_state:none sync_target:none sync_tgt_zpool:none sysvmsg:new sysvsem:new sysvshm:new template:no type:jail used:readonly vmemoryuse:off vnet:off vnet0_mac:none vnet1_mac:none vnet2_mac:none vnet3_mac:none vnet_interfaces:none wallclock:off