summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rwxr-xr-xezjail-admin20
1 files changed, 18 insertions, 2 deletions
diff --git a/ezjail-admin b/ezjail-admin
index 9c8e485..9a6c363 100755
--- a/ezjail-admin
+++ b/ezjail-admin
@@ -709,10 +709,26 @@ EOF
709 709
710 # check, whether some host system services do listen on the Jails IP 710 # check, whether some host system services do listen on the Jails IP
711 IFS=_ 711 IFS=_
712 ezjail_listener=`sockstat -4 -l | grep "${ezjail_ip}:[[:digit:]]"` 712 ezjail_listener=`sockstat -64l | grep "${ezjail_ip}:[[:digit:]]"`
713 [ $? -eq 0 ] && echo -e "Warning: Some services already seem to be listening on IP ${ezjail_ip}\n This may cause some confusion, here they are:\n${ezjail_listener}" 713 [ $? -eq 0 ] && echo -e "Warning: Some services already seem to be listening on IP ${ezjail_ip}\n This may cause some confusion, here they are:\n${ezjail_listener}"
714 714
715 ezjail_listener=`sockstat -4 -l | grep "*:[[:digit:]]"` 715 # collect list of jail ids with our ip address in their ip address set.
716 # Add none meaning the host system. Prepare this list as argument for pgrep
717 # by prepending -j to each jid
718 IFS=${TIFS}
719 jail_ids=`( echo none=
720 jls -n | sed -E -n s/'.*jid=([0-9]+).*ip4\.addr=([0-9.,]+)'.*/'\1=\2'/p | grep -Ee "${ezjail_ip}(,|$)"
721 jls -n | sed -E -n s/'.*jid=([0-9]+).*ip6\.addr=([0-9a-f:,]+)'.*/'\1=\2'/p | grep -Ee "${ezjail_ip}(,|$)"
722 ) | cut -d= -f1 | sed s/^/-j/`
723
724 # Fetch all corresponding process ids for all matching jail
725 jail_pids=`pgrep $jail_ids`
726
727 # expand pids to form a greppable expression
728 jail_grep=`echo $jail_pids | sed -E -e"s/ /)|(/g" -e"s/^/(/" -e"s/$/)/"`
729
730 IFS=_
731 ezjail_listener=`sockstat -46l | grep -E -e "*:[[:digit:]]" -e " ${jail_grep} "`
716 [ $? -eq 0 ] && echo -e "Warning: Some services already seem to be listening on all IP, (including ${ezjail_ip})\n This may cause some confusion, here they are:\n${ezjail_listener}" 732 [ $? -eq 0 ] && echo -e "Warning: Some services already seem to be listening on all IP, (including ${ezjail_ip})\n This may cause some confusion, here they are:\n${ezjail_listener}"
717 IFS=, 733 IFS=,
718 done 734 done