Gateway config
Michael Collette
metrol at metrol.net
Sun May 11 18:25:34 PDT 2003
On Sunday 11 May 2003 03:19 pm, freebsdquestions at schatti.ch wrote:
> Hi all!
>
> Short question: could anyone point me to documents regarding topics:
> jails! & nat & (ipfw|ip tables) - I'm in process to build a new system...
> Planned layout:
>
> NET---router/nat-----gateway:freebsd5.x/nat--------inner net
>
> | | L- apache/php (lo_alias1)
> |
> | L------ mail server (lo_alias2)
>
> L----------- djbdns (lo_alias3)
>
> Any hints, do's and dont's ? what about natd/ipnat ? which is better for
> dynamic rules ? Especially: how to manage that in conjunction with multiple
> jails ??
Helps having a subject on these things, especially if a discussion gets
brewing.
I have yet to see any really good articles on the web concerning Jail setups.
The AbsoluteBSD book has a really sweet walk through in getting jails up and
running. Not much information on how to get your jails updated though, which
I had hoped to research a little bit further.
I did happen upon the following doing a quick Googling about...
FreeBSD Jail Software and Docs
http://memberwebs.com/nielsen/freebsd/jails/
FreeBSD Jail Scripts
http://jailnotes.cg.nu/zcripts/
And the really well written man page...
man 8 jail
I too would be curious to see anything additional that you might find on the
subject. The basic concepts are reasonable enough, but there are a few
devilish details I'd like to see more of.
One item that I'm kind of curious about, and betting others might be as well.
What do you mean by "dynamic rules"? Dynamic in what sense? Dynamic as in
stateful firewall, or IP, or what?
Later on,
--
"Outside of a dog, a book is man's best friend. Inside of a dog, it's too dark
to read."
- Groucho Marx
More information about the freebsd-security
mailing list