[Semibug] Strange ssh behaviour (bug?) on FreeBSD

Mike Wayne semibug15 at post.wayne47.com
Mon Aug 30 16:20:07 EDT 2021


I figured I'd ask here first, before the FreeBSD forums.

I reworked one of my jails on FreeBSD 12.2-RELEASE-p9, taking the
jail IP address off the main ethernet interface and moving it to a
cloned interface "lo1". No NAT; everything uses a real IP address.

http, smtp, pop3, imap all work fine.  
ssh fails.

No changes to firewall rules.

sshd in the jail is attached to the jailed address using
ListenAddress <IP address>

Change the jail back to the main ethernet interface and
everything works.

Did some digging with tcpdump:
- if the jail is on the main interface, ssh traffic is visible on
  the ethernet interface
- if the jail is on lo1, no ssh traffic is visible on the ethernet
  interface but all the other traffic (that works) is visible

So I added firewall rules that log all traffic to/from a single machine.

The firewall rules log for other protocols but do not log anything for ssh.

It's almost like FreeBSD is eating ssh (and only ssh) traffic.

Any ideas where to go looking? Or is this a bug?


