From 9753cbaf5a8a7ce44b01f454aa54f972ee0204d1 Mon Sep 17 00:00:00 2001 From: Koichiro Iwao Date: Thu, 10 Jul 2025 13:55:07 +0900 Subject: [PATCH] list: exclude tunnel endpoint (src/dst) addresses from IP address listing of jails with gif/gre interfaces Reported at: #1175 For example: gif0: flags=1008051 metric 0 mtu 1460 options=80000 tunnel inet6 2001:db8::cafe:cafe --> 3fff::feed:feed inet 192.168.1.1 --> 10.10.10.10 netmask 0xffffffff groups: gif nd6 options=29 gif1: flags=1008011 metric 0 mtu 1280 options=80000 tunnel inet 192.0.2.10 --> 198.51.100.20 inet 10.0.0.1 --> 10.0.0.2 netmask 0xffffffff groups: gif nd6 options=29 --- usr/local/share/bastille/list.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/usr/local/share/bastille/list.sh b/usr/local/share/bastille/list.sh index 22ce715b..b7056673 100644 --- a/usr/local/share/bastille/list.sh +++ b/usr/local/share/bastille/list.sh @@ -194,8 +194,8 @@ get_jail_info() { # Get info if jail is UP if [ "$(awk '$1 == "vnet;" { print $1 }' "${bastille_jailsdir}/${JAIL_NAME}/jail.conf" 2> /dev/null)" ]; then # Get IP for VNET jails - JAIL_IP4="$(jexec -l ${JAIL_NAME} ifconfig -an | grep "inet " | grep -v "127.0.0.1" | awk '{print $2}')" - JAIL_IP6="$(jexec -l ${JAIL_NAME} ifconfig -an | grep "inet6" | grep -Ev 'lo[0-9]+| ::1 | fe80::' | awk '{print $2}' | sed 's/%.*//g')" + JAIL_IP4="$(jexec -l ${JAIL_NAME} ifconfig -an | grep "^[[:space:]]*inet " | grep -v "127.0.0.1" | awk '{print $2}')" + JAIL_IP6="$(jexec -l ${JAIL_NAME} ifconfig -an | grep "^[[:space:]]*inet6" | grep -Ev 'lo[0-9]+| ::1 | fe80::' | awk '{print $2}' | sed 's/%.*//g')" else # Get IP for standard jails JAIL_IP4=$(jls -j ${JAIL_NAME} ip4.addr | sed 's/,/\n/g')