# Enable network interface in Jail



## ligregni (Mar 23, 2010)

I am a newbie Jail's user, I can't get this working:

I got the Jail working, I also can put some services (small socket programs) and run it with clients in the host system, also, I can access SSH server in the Jail from remote systems using NAT, that is, the network interface in the Jail is working, but I can't reach internet (or some other host in the network) from the Jails, for example:

Network details:

Host's network interface/IP: vr0/1.2.3.5
Jail's network interface/IP: vr0/1.2.3.7

From Host

```
ping 1.2.3.7 # OK
ssh 1.2.3.7 # OK
```

From Jail

```
ping 1.2.3.5 # FAIL!!!
ping: socket: operation not permitted
```

So I am quite sure it's matter of security policies to "enable" network packets to "leave" the jail, but, not sure where and how tune that.

Thanks in Advance


----------



## graudeejs (Mar 23, 2010)

```
# sysctl security.jail.allow_raw_sockets 1
```
you will be able to ping from inside, jail, but as you said, its' security issue
(you can reach internet, you only can't ping by default)


----------



## SirDice (Mar 23, 2010)

You can't ping from a jail because a jail doesn't have access to raw sockets. By default at least. Doesn't mean it's not working though


----------

