Add a few more permission bits to jailconfig:
INADDRANY: When 1, jail is allowed to bind to INADDR_ANY. When packet comes in, the pchlookup checks the prison IPs. ROUTING: Jail gets access to its routing table. This presently implies that the jail gets its own private routing table via new jail options. DEVMEM: Jail gets a real /dev/mem and /dev/kmem instead of a symlink to /dev/null. This pretty much bypasses security so its not something to do on widearea nodes, but on local nodes that fine.