Jails and IPFW
Jack Raats
jack at jarasoft.net
Mon Dec 14 06:16:24 UTC 2009
Hi Paul,
I'll understand, but I want to run apache and ssh on both jails using their
standard configs.
(So they listen to every ip address and interface).
>From your answer I learn than ipfw has to run on the host machine like:
$IPF 6000 pass tcp from any to $jail1 22,80 in
$IPF 6000 pass tcp from any to $jail2 22,80 in
Jack
----- Original Message -----
From: "Paul Procacci" <pprocacci at datapipe.com>
To: "Jack Raats" <jack at jarasoft.net>
Cc: <freebsd-stable at freebsd.org>
Sent: Monday, December 14, 2009 6:33 AM
Subject: Re: Jails and IPFW
If you are asking whether the root user of the jail can implement their
own firewall, then no that is not possible.
If you are asking whether you can use ipfw along side jails, then yes
you can. The administration of said firewall doesn't change one bit due
to the introduction of a jail.
So, if it's information pertaining to ipfw that you need then `man ipfw`
is what you seek.
~Paul
Jack Raats wrote:
> Hi,
>
> I'm looking for a good manual how to implement ipfw in and with jails.
> Google doesn't give anything usefull
>
> Thanks for your time
>
> Jack
> _______________________________________________
> freebsd-stable at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-stable
> To unsubscribe, send any mail to "freebsd-stable-unsubscribe at freebsd.org"
>
This message may contain confidential or privileged information. If you are
not the intended recipient, please advise us immediately and delete this
message. See http://www.datapipe.com/emaildisclaimer.aspx for further
information on confidentiality and the risks of non-secure electronic
communication. If you cannot access these links, please notify us by reply
message and we will send the contents to you.
More information about the freebsd-stable
mailing list