[patch] attach ipfw rules to jails
Alex Lyashkov
shadow at psoft.net
Mon Jul 5 22:25:41 PDT 2004
В Втр, 06.07.2004, в 00:27, Christian S.J. Peron пишет:
> I have written support for attaching ipfw rules to jails. I am
> looking for some testers/feedback.
>
> http://people.freebsd.org/~csjp/ip_fw_jail.diff
>
> NOTES:
> o Apply the patch
> o cd /usr/src && make includes
> o rebuild your kernel (or just the ipfw module)
> o rebuild the ipfw userspace utility;
>
> Syntax:
>
> ipfw add count ip from any to any jail 1
>
> "jail" takes a numeric argument, a jail ID.
>
> For those of you who dont know, jail IDs can be retrieved using
> the jls(8) utility.
>
> Input would be greatly appriciated.
> Thanks!
who not port vimage project to -current ? separated network stack and
firewall rules more and more faster then this...
If system not have jails vimage not add
observable overhead to system..
--
Alex Lyashkov <shadow at psoft.net>
PSoft
More information about the freebsd-hackers
mailing list