[tor-bugs] #14958 [Tor]: address/get_if_addrs_ifaddrs and address/get_if_addrs_ioctl fail in FreeBSD jails
Tor Bug Tracker & Wiki
blackhole at torproject.org
Fri Feb 20 10:54:32 UTC 2015
#14958: address/get_if_addrs_ifaddrs and address/get_if_addrs_ioctl fail in FreeBSD
jails
------------------------+--------------------------------
Reporter: reezer | Owner:
Type: defect | Status: new
Priority: normal | Milestone: Tor: 0.2.6.x-final
Component: Tor | Version: Tor: 0.2.6.3-alpha
Resolution: | Keywords: tor-relay
Actual Points: | Parent ID:
Points: |
------------------------+--------------------------------
Comment (by reezer):
>es, that's what I meant. It is there, it just is not what it is supposed
to be, cause the interface in there is actually the loopback of the host
system. They are basically sharing it.
So for example you could on the host system run netcat and inside the jail
do a telnet 127.0.0.1 <port> and one could connect to it.
That's a limitation of FreeBSD jails, as the network stack isn't
completely virtualized yet. There is a project called VIMAGE to solve
these limitations, but as of now I am not aware of any practical way to
solve it.
ifconfig -a looks like this:
{{{
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384
options=600003<RXCSUM,TXCSUM,RXCSUM_IPV6,TXCSUM_IPV6>
}}}
No IP there, but you can still listen on 127.0.0.1, just the interface is
shared, which might have security implications of course. Maybe it's a
good thing that Tor now has unix socket support in these scenarios where
you run in a FreeBSD jail.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/14958#comment:7>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list