Hello,
does anyone know how to fix : Error: [EFAULT] Please correct tcp(80:80) port rule as another running jail is using one of the mentioned ports.
there is no other jail using same host port, and if i set freenas webui to port 80 it works when accessing remotly, therefore all I want is to use 1 jail to host website (apache or node.js)
also passing other port numbers works
Your question is quite confusing. Could you try explaining it in a more structured way?
From what I could understand, you have the FreeNAS WebUI using port 80 and you want to run a website from within a jail using the same port and IP.
In such an environment you have a quite a few things that could be done.
You could put another webserver in front of FreeNAS’ own webserver interface and do redirects with name based virtual-hosts.
Or, in a best case scenario, you could ditch IPv4 entirely. With IPv6 this wouldn’t be an issue as you could have a different address for your TrueNAS, the jails and so on.
Before people come storming in to correct me, yes, this can be done with IPv4 as well, but it’s not ideal
hmm, let me try again
nothing is running on host port 80
→ i want to host jail with apache on that port
i can’t forward port 80 using VNAT port forwarding, if i do it throws error and denies running jail
i want to have webserver hosted @ http://hostname:80
Ok, so what is happening is that you’re trying to run a jail, possibly as an underprivileged user, on a privileged port (<=1024). In that case, you can:
A: Run the jail as root. Definitely NOT recommended.
B: Setup a firewall rule such as that inbound traffic on port 80 gets redirected to, for example, port 8080 with the jail listening there.
I recommend enabling VNET for your jails. This gives each jail it’s on IP stack, allowing you to do all the fun things like pf firewalls, tunnels and such.
Using NAT can cause conflicts if you have other jails or host services already running on that port.
They are privileged because they are classified as “well-known” ports and you should not tinker with running custom stuff in that range. You can. But you shouldn’t.
TrueNAS web gui runs on port 80 by default. Run your jail on some other port, and then proxy the service.
When you run a jail it will bind via nat to the adapter you selected as the interface. I would suggest what @DavieDavieDavie suggested.
As explained before, you’re gonna have to either setup a VNAT, ipfw/pf rule, run the jail as root, proxy the service, do a location proxy, recourse to IPv6 or manage your own way.
By the way, being sassy to people trying to help you is counter-productive.
If you are so sure nothing is running on 80 and you have the necessary permissions to do so (you don’t as the jail error showed) try running:
ss --all
That should list all the sockets/ports currently in use. I am not sure if it is part of FreeBSD’s default toolset or if they have a tool analogous to it. You can then grep around for port 80.
It is kind of historical, from the days when server computers were big and had a lot of users logged into them. Since only root could use the ports below 1024, people connecting to the webserver at port 80 on solaris-1.cs.colorado.edu (made up name) could trust that port 80 was an officially blessed webserver and not a random computer science student.
These days with everyone running their own Unix server (or 2 or 4 or 17) this is not a reliable indicator of anything.