net.inet.ip.scopedroute inside a jail?

[ovizii]

I'm fooling around with sshuttle ( https://github.com/apenwarr/sshuttle ) inside a jail and am getting:

Code:

firewall manager: starting transproxy.
>> No such sysctl: 'net.inet.ip.scopedroute'

any hints?

 

[DrKK]

....net.inet.ip.scopedroute is a Mac OSX sysctl and not a FreeBSD sysctl, and you are trying to install Mac OSX software on FreeBSD?

I mean, just a guess, sir. :)

 

[pirateghost]

Yeah. Just looking at the github it plainly says Mac and Linux. I don't see free BSD

 

[DrKK]

Yeah, this sysctl, I forget what it was for. Multiple gateway something-something, multiple ethernet something-something-something. Something-something firewall is broken something-something.

But it was definitely an Apple thing, as far as I can remember.

 

[ovizii]

not really, that github site says:

• Your client machine (or router) is Linux, FreeBSD, or MacOS.

• If you use MacOS or BSD on your client machine: Your kernel needs to be compiled with IPFIREWALL_FORWARD (MacOS has this by default) and you need to have ipfw available. (The server doesn't need to be MacOS or BSD.)

 

[pirateghost]

Wait. You are trying to use it as a client in a jail?

 

[DrKK]

Yeah it's not clear now what the hell he's talking about.

 

[DrKK]

Also, sshuttle (which I've never heard of) appears to be a VPN.

Installing a VPN in a FreeNAS jail (regardless of what these guys tell you here, and elsewhere) is highly non-trivial voodoo. Because of the way the jails work with the host network, it is very, very difficult/tricky and sometimes impossible to get it to work.

I don't suggest, really, that anyone try to get OpenVPN or any other VPN's working in jails. But that's me.

 

[DrKK]

And in any case, this doesn't change the fact that you can't change a sysctl that doesn't exist on the operating system. The evidence appears to be very strong that whatever software you're trying to install does not have FreeBSD in mind.

 

[ovizii]

Sorry for the confusion, I simply asked if this error rings

Code:

firewall manager: starting transproxy.
No such sysctl: 'net.inet.ip.scopedroute'

any bells with anyone:

BUT if you're wondering, of course I want to install sshuttle as a client, its not a server it simply connects to an sshd on the other end.

Regarding OPENVPN in a jail => https://forums.freenas.org/index.ph...-a-jail-so-it-only-connects-to-the-vpn.18669/

Does anyone know if:

If you use MacOS or BSD on your client machine: Your kernel needs to be compiled with IPFIREWALL_FORWARD (MacOS has this by default) and you need to have ipfw available.

the kernel used in a jail is compiled with IPFIREWALL_FORWARD?