jails, ipfilter & stunnel
Ng Pheng Siong
ngps at netmemetic.com
Tue Jul 15 18:06:34 PDT 2003
On Tue, Jul 15, 2003 at 09:19:09AM -0700, Nicholas Esborn wrote:
> Would it be useful to create multiple IP aliases on lo0, i.e. 127.0.0.2,
> 127.0.0.3, bind the jails to those, then use ipfw, ipf/ipnat, or a TCP
> proxy to connect ports on the server's real IP to services bound to the
> lo0 aliases?
Yup, I do that on some of my machines. Mostly works. Easy to experiment
with, too.
--
Ng Pheng Siong <ngps at netmemetic.com>
http://firewall.rulemaker.net -+- Manage Your Firewall Rulebase Changes
http://www.post1.com/home/ngps -+- Open Source Python Crypto & SSL
More information about the freebsd-security
mailing list