How to use two interface with jail
Albert Shih
Albert.Shih at obspm.fr
Wed Feb 6 06:00:38 PST 2008
Le 05/02/2008 à 17:37:25+0100, Kurt Jaeger a écrit
> Hi!
>
> > How can I make
> >
> > all traffic from the server/for the server pass through the first
> > interface
> >
> > all traffic from the jail /for the jail pass through the second
> > interface.
> >
> > In fact : How can make two «default router» on for the server, another for
> > all jail.
>
> Assuming you can use ipfw, here's an example:
>
> - Interfaces:
> if1: 192.168.1.1, gateway 192.168.1.254
> if2: 192.168.2.1, gateway 192.168.2.254
> - system uses 192.168.1.254 as its default gateway.
> - IP-ranges for jails are in the 192.168.2.0/24 range.
> - Then add the following ipfw rule:
>
> /sbin/ipfw add 1000 fwd 192.168.2.254 ip from 192.168.2.0/24 to any out via if2
>
> Give it a try.
Thanks for your help.
It's working.
I'm using pf (old habit) and with this single ligne
pass out route-to (bce1 router_address) from <jail> to ! network_CIDR
it's working.
Thanks.
Regards.
--
Albert SHIH
Observatoire de Paris Meudon
SIO batiment 15
Heure local/Local time:
Mer 6 fév 2008 14:58:45 CET
More information about the freebsd-jail
mailing list