jails, IPS and firewalls, oh my!
Littlefield, Tyler
tyler at tysdomain.com
Wed Sep 17 14:53:10 UTC 2014
Hello all:
I asked this question a while back and was a bit unclear how exactly to
word what I want, so I'll try again now that I've spent time with this.
My goal is to end up with separate systems. For example, I want to run a
mailman setup on my server. Right now I already have postfix running as
well as nginx in a jail and did not want to try to work around my
current configuration. I wanted to set up a lists subdomain and point it
at 1.2.3.4 which is assigned to my server and just treat that as a
separate system.
So, on the advice of others who know BSD a lot more than I do I tried a
few things. Mainly I assigned the IP to a jail and tried to firewall it
off. The IP address though still is being used by em0, which means that
even if I open port 80 it will point to my main server and not the jail.
I am looking for a solution where I can assign the jail an interface,
assign that interface to an IP address and then just protect it through
a firewall on the host system. I read about epairs, tap devices and etc,
but I'm not sure exactly which would be the best solution. Any
advice/examples or pointers would be awesome.
TIA,
--
Take care,
Ty
http://tds-solutions.net
He that will not reason is a bigot; he that cannot reason is a fool; he that dares not reason is a slave.
More information about the freebsd-questions
mailing list