Filtering jail IP traffic

Attila Nagy bra at fsn.hu
Fri Aug 26 14:41:23 GMT 2005


Anders Nordby wrote:
> IP traffic from one jail to another jail, arrives on destination jail on
> lo0 having the destination jails IP as source IP. Why not the source
> jail's IP address?
> How can I filter traffic from one jail to another, using ipfw of ipf?
AFAIK (at least with pf), you can't really filter on loopback 
interfaces. Last time I tried, I could not filter on TCP or UDP ports, 
filtering from and to IP and protocol worked.

-- 
Attila Nagy                                   e-mail: Attila.Nagy at fsn.hu
Adopt a directory on our free software   phone @work: +361 371 3536
server! http://www.fsn.hu/?f=brick             cell.: +3630 306 6758


More information about the freebsd-security mailing list