Can a home LAN server use a jail as a router?

[Martes G Wigglesworth]

On 12/05/2010 10:53 PM, Da Rock wrote:
> Is it possible to use FreeBSD to create three "jails" on one
> box, so that one jail can be a router to the internet, and the other
> two can be webservers?
What you seem to need is to run the host as a router, and create two or 
three more jails on top of that router kernel.
The default should be a  router and the secondary functions should be 
the jail.
I think you just need to read a bit more on how jails are used on the 
BSD platform and it will be clear to you.

> I wanted to create an environment where if one
> webserver got compromised, the other webserver would be unaffected.
This would be the true use of jails in your environment.
You want to isolate web services such as Apache installs into jails so 
if they get compromised then you don't have to worry about the rest of 
the system becoming completely compromised.
> So I would
> also like to make a jail to be a samba server. 
I believe that you can install samba inside a jailed environment as 
well, however, I have never done this, so I am not familiar with how it 
will be done, however, I have a Bind-9 environment where the external 
internet interface serves the internet my public information, and there 
is a second jail which hosts dns for the internal segment. So I can see 
how Samba can be installed in a jail, and it would make appropriate 
sense to do so.

I hope this helps you in your investigation(s).

-- 
Respectfully,


Martes G Wigglesworth
M. G. Wigglesworth Holdings, LLC
www.mgwigglesworth.net