Hello all,
I have very strange problem with my jail accessing the host port. I searched for this over a week and can't find a fix, I even tried it with a second physical interface.
Jail has access to all open ports and devices on my local network except to the truenas host, i have ping to the host but can't access any of his ports. I try to telnet truenas ports from different devices and they are open.
I tried something else too, by changing nextcloud network settings and remove vlan, then the telnet start working but when i try to connect to nextcloud web interface on 192.168.1.12 its loaded the truenas web interface
This is my setup
host ip - 192.168.1.10
root@truenas[~]# cat /mnt/Archive/iocage/jails/nextcloud/config.json
{
"allow_chflags": 1,
"allow_mlock": 1,
"allow_mount": 1,
"allow_mount_devfs": 1,
"allow_mount_fusefs": 1,
"allow_mount_nullfs": 1,
"allow_mount_procfs": 1,
"allow_mount_tmpfs": 1,
"allow_mount_zfs": 1,
"allow_quotas": 1,
"allow_raw_sockets": 1,
"allow_set_hostname": 1,
"allow_socket_af": 1,
"allow_sysvipc": 1,
"allow_tun": 0,
"allow_vmm": 1,
"assign_localhost": 0,
"basejail": 1,
"boot": 1,
"bpf": 1,
"comment": "none",
"defaultrouter": "192.168.1.1",
"defaultrouter6": "auto",
"devfs_ruleset": "4",
"dhcp": 0,
"exec_fib": "0",
"exec_jail_user": "root",
"exec_poststart": "/usr/bin/true",
"exec_poststop": "/usr/bin/true",
"exec_prestart": "/usr/bin/true",
"exec_prestop": "/usr/bin/true",
"exec_start": "/bin/sh /etc/rc",
"exec_stop": "/bin/sh /etc/rc.shutdown",
"exec_system_user": "root",
"host_domainname": "none",
"host_hostname": "nextcloud",
"host_hostuuid": "nextcloud",
"host_time": 1,
"hostid": "ba67c901-b83c-4f2a-ae4e-45eb65c34740",
"interfaces": "vnet0:bridge0",
"ip4": "new",
"ip4_addr": "vnet0|192.168.1.12/24",
"ip4_saddrsel": 0,
"ip6": "new",
"ip6_saddrsel": 0,
"ip_hostname": 0,
"jail_zfs": 0,
"jail_zfs_dataset": "iocage/jails/nextcloud/data",
"jail_zfs_mountpoint": "none",
"last_started": "2023-05-14 09:44:20",
"mac_prefix": "0e9d22",
"nat": 0,
"nat_forwards": "none",
"notes": "none",
"plugin_name": "nextcloud",
"plugin_repository": "https://github.com/freenas/iocage-ix-plugins.git",
"priority": "99",
"release": "13.1-RELEASE-p7",
"resolver": "/etc/resolv.conf",
"rtsold": 0,
"securelevel": "2",
"sysvmsg": "new",
"sysvsem": "new",
"sysvshm": "new",
"template": 0,
"type": "pluginv2",
"vnet1": 1,
"vnet0_mac":"0e9d22baba581 0e9d22baba582",
"vnet_default_interface": "auto",
"vnet_interaface": "none"
}
root@truenas[~]# cat /mnt/Archive/iocage/jails/nextcloud/nextcloud.json
{
"artifact": "https://github.com/freenas/iocage-plugin-nextcloud.git",
"fingerprints": {
"iocage-plugins": [
{
"fingerprint": "b0170035af3acc5f3f3ae1859dc717101b4e6c1d0a794ad554928ca0cbb2f438",
"function": "sha256"
}
]
},
"name": "Nextcloud",
"official": false,
"packagesite": "http://pkg.FreeBSD.org/${ABI}/latest",
"pkgs": [
"ffmpeg",
"nextcloud-php80",
"php80-pecl-imagick-im7",
"php80-bcmath",
"php80-gmp",
"php80-pcntl",
"php80-pecl-redis",
"nginx",
"mysql80-server",
"redis",
"py39-fail2ban",
"py39-certbot"
],
"redis",
"py39-fail2ban",
"py39-certbot"
],
"plugin_schema": "2",
"properties": {
"nat": 1,
"nat_forwards": "tcp(80:8282),tcp(443:8283)"
},
"release": "13.1-RELEASE",
"revision": "1"
}#
I have very strange problem with my jail accessing the host port. I searched for this over a week and can't find a fix, I even tried it with a second physical interface.
Jail has access to all open ports and devices on my local network except to the truenas host, i have ping to the host but can't access any of his ports. I try to telnet truenas ports from different devices and they are open.
I tried something else too, by changing nextcloud network settings and remove vlan, then the telnet start working but when i try to connect to nextcloud web interface on 192.168.1.12 its loaded the truenas web interface
This is my setup
host ip - 192.168.1.10
root@truenas[~]# cat /mnt/Archive/iocage/jails/nextcloud/config.json
{
"allow_chflags": 1,
"allow_mlock": 1,
"allow_mount": 1,
"allow_mount_devfs": 1,
"allow_mount_fusefs": 1,
"allow_mount_nullfs": 1,
"allow_mount_procfs": 1,
"allow_mount_tmpfs": 1,
"allow_mount_zfs": 1,
"allow_quotas": 1,
"allow_raw_sockets": 1,
"allow_set_hostname": 1,
"allow_socket_af": 1,
"allow_sysvipc": 1,
"allow_tun": 0,
"allow_vmm": 1,
"assign_localhost": 0,
"basejail": 1,
"boot": 1,
"bpf": 1,
"comment": "none",
"defaultrouter": "192.168.1.1",
"defaultrouter6": "auto",
"devfs_ruleset": "4",
"dhcp": 0,
"exec_fib": "0",
"exec_jail_user": "root",
"exec_poststart": "/usr/bin/true",
"exec_poststop": "/usr/bin/true",
"exec_prestart": "/usr/bin/true",
"exec_prestop": "/usr/bin/true",
"exec_start": "/bin/sh /etc/rc",
"exec_stop": "/bin/sh /etc/rc.shutdown",
"exec_system_user": "root",
"host_domainname": "none",
"host_hostname": "nextcloud",
"host_hostuuid": "nextcloud",
"host_time": 1,
"hostid": "ba67c901-b83c-4f2a-ae4e-45eb65c34740",
"interfaces": "vnet0:bridge0",
"ip4": "new",
"ip4_addr": "vnet0|192.168.1.12/24",
"ip4_saddrsel": 0,
"ip6": "new",
"ip6_saddrsel": 0,
"ip_hostname": 0,
"jail_zfs": 0,
"jail_zfs_dataset": "iocage/jails/nextcloud/data",
"jail_zfs_mountpoint": "none",
"last_started": "2023-05-14 09:44:20",
"mac_prefix": "0e9d22",
"nat": 0,
"nat_forwards": "none",
"notes": "none",
"plugin_name": "nextcloud",
"plugin_repository": "https://github.com/freenas/iocage-ix-plugins.git",
"priority": "99",
"release": "13.1-RELEASE-p7",
"resolver": "/etc/resolv.conf",
"rtsold": 0,
"securelevel": "2",
"sysvmsg": "new",
"sysvsem": "new",
"sysvshm": "new",
"template": 0,
"type": "pluginv2",
"vnet1": 1,
"vnet0_mac":"0e9d22baba581 0e9d22baba582",
"vnet_default_interface": "auto",
"vnet_interaface": "none"
}
root@truenas[~]# cat /mnt/Archive/iocage/jails/nextcloud/nextcloud.json
{
"artifact": "https://github.com/freenas/iocage-plugin-nextcloud.git",
"fingerprints": {
"iocage-plugins": [
{
"fingerprint": "b0170035af3acc5f3f3ae1859dc717101b4e6c1d0a794ad554928ca0cbb2f438",
"function": "sha256"
}
]
},
"name": "Nextcloud",
"official": false,
"packagesite": "http://pkg.FreeBSD.org/${ABI}/latest",
"pkgs": [
"ffmpeg",
"nextcloud-php80",
"php80-pecl-imagick-im7",
"php80-bcmath",
"php80-gmp",
"php80-pcntl",
"php80-pecl-redis",
"nginx",
"mysql80-server",
"redis",
"py39-fail2ban",
"py39-certbot"
],
"redis",
"py39-fail2ban",
"py39-certbot"
],
"plugin_schema": "2",
"properties": {
"nat": 1,
"nat_forwards": "tcp(80:8282),tcp(443:8283)"
},
"release": "13.1-RELEASE",
"revision": "1"
}#
