jails, subnets and etc?
Littlefield, Tyler
tyler at tysdomain.com
Sun Mar 23 04:11:53 UTC 2014
hello all:
I'm curious if I'm doing this right, and would like some advice from
someone.
First, I created a jail with ezjails and set it's IP to 192.168.0.2,
then bound mysql to that address.
The idea is that mysql can run in its own jail while not being
accessible to the outside world. I set the gateway (defaultrouter in the
jail's rc.conf) to the IP address of my machine so the system can access
the network.
This is where I run into a bit of fun: I am unable to ping/telnet to
192.168.0.2 3306, and I am unable to telnet out of the jail. So, I have
a few questions:
1) what needs to happen on the pf side to forward ports from x.x.x.x (my
external-facing interface), to a specific address and port on the
subnet? the idea is that I will just use pf to forward ports to
public-facing jailed services.
2) Do I need to do something special to get this subnet set up? What
needs to happen to get the jail and the host talking to each other?
thanks in advance,
--
Take care,
Ty
http://tds-solutions.net
He that will not reason is a bigot; he that cannot reason is a fool; he that dares not reason is a slave.
More information about the freebsd-questions
mailing list