subscriber+freebsd at markshroyer.com
Mon Mar 22 01:44:46 UTC 2010
On 3/21/2010 8:21 PM, Aiza wrote:
> Does the ip address notation for the jail include the port number?
> Like 10.0.20.2:80 Nat port forwarding is the long way around just to get
> the correct port number to the jail ip address.
Nope, jails are assigned one (or more) specific IP addresses, but not
specific port numbers. So if you don't have a separate public IP for
your jail, you'll be relying on some sort of packet filter to redirect
traffic to its private IP address.
This isn't as big a deal as it may sound, especially if you're already
using PF, which has built-in packet redirection capabilities that do not
require you to run a separate NAT daemon.
> I found the man ezjail-admin has this format
> ezjail-admin install -h file:// Where -h file:// means get the
> binaries from the host system the jails are running on. Am I correct?
Yes, according to the man page. I haven't tried it yet myself, since I
set up my basejail before this option was available.
> My understanding of handbook section 15.6 Application of Jails
> (service jails)is a copy of the host binaries is populated into the
> basejail and all the other jails have read only access to it. Each guest
> jail also has a read/write space for installing ports/packages unique to
> that jail including /var /usr /etc. Am I correct? Is this how ezjail is
> configured now?
Yes, that's correct.
More information about the freebsd-questions