Skip site navigation (1)Skip section navigation (2) 
Date:      Mon, 14 Dec 2009 07:16:20 +0100
From:      "Jack Raats" <jack@jarasoft.net>
To:        "Paul Procacci" <pprocacci@datapipe.com>
Cc:        freebsd-stable@freebsd.org
Subject:   Re: Jails and IPFW
Message-ID:  <2E2F1B2A67C84F5AAD96D20E72897EF6@jarasc430>
References:  <07A054B7DD6A4672AC48684DEAB31697@jarasc430> <4B25CE1C.8030305@datapipe.com>
next in thread | previous in thread | raw e-mail | index | archive | help 
Hi Paul,

I'll understand, but I want to run apache and ssh on both jails using their 
standard configs.
(So they listen to every ip address and interface).

>From your answer I learn than ipfw has to run on the host machine like:
$IPF 6000 pass tcp from any to $jail1 22,80 in
$IPF 6000 pass tcp from any to $jail2 22,80 in

Jack

----- Original Message ----- 
From: "Paul Procacci" <pprocacci@datapipe.com>
To: "Jack Raats" <jack@jarasoft.net>
Cc: <freebsd-stable@freebsd.org>
Sent: Monday, December 14, 2009 6:33 AM
Subject: Re: Jails and IPFW


If you are asking whether the root user of the jail can implement their
own firewall, then no that is not possible.
If you are asking whether you can use ipfw along side jails, then yes
you can.  The administration of said firewall doesn't change one bit due
to the introduction of a jail.
So, if it's information pertaining to ipfw that you need then `man ipfw`
is what you seek.

~Paul


Jack Raats wrote:
> Hi,
>
> I'm looking for a good manual how to implement ipfw in and with jails.
> Google doesn't give anything usefull
>
> Thanks for your time
>
> Jack
> _______________________________________________
> freebsd-stable@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-stable
> To unsubscribe, send any mail to "freebsd-stable-unsubscribe@freebsd.org"
>


This message may contain confidential or privileged information.  If you are 
not the intended recipient, please advise us immediately and delete this 
message.  See http://www.datapipe.com/emaildisclaimer.aspx for further 
information on confidentiality and the risks of non-secure electronic 
communication. If you cannot access these links, please notify us by reply 
message and we will send the contents to you.

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?2E2F1B2A67C84F5AAD96D20E72897EF6>