Skip site navigation (1)Skip section navigation (2)
Date:      Fri, 23 Jul 2010 20:43:25 +0200
From:      Erik Norgaard <norgaard@locolomo.org>
To:        google@alexus.org
Cc:        alexus <alexus@gmail.com>, freebsd-questions@freebsd.org
Subject:   Re: ipnat.conf - map and rdr won't work!
Message-ID:  <4C49E2CD.7020607@locolomo.org>
In-Reply-To: <AANLkTi=ZmiRB=43xQEpJjZpeDBCRwf61W_-Sbbm8oaZt@mail.gmail.com>
References:  <AANLkTilVTo36Fzdh2DKAQhRjyDj8MNUuV9dhwvQ7Gf-V@mail.gmail.com>	<AANLkTinh0CykJ1Av3f2THPDFOLS0YtYLDvRMHXm_wD3w@mail.gmail.com>	<4C3F91CF.5090206@locolomo.org>	<AANLkTin6hYyHiG8taifkNHPBtKI0rKOkAaGRYodV1LLC@mail.gmail.com>	<4C419944.8030702@locolomo.org>	<AANLkTin8H47Z7suztGnWpa8fm-XIagQ6vzlxP85OIT-B@mail.gmail.com>	<4C447F7F.6020308@locolomo.org>	<AANLkTinM1E2Obrs8VqSsm3S_jcXqbw_Q1YLkc51tgJsS@mail.gmail.com>	<4C45D57F.2020506@locolomo.org>	<AANLkTinXjSXlL59mVU5bh-cIqxwHg5C3pgOsA7tcqFMk@mail.gmail.com>	<4C45F0F1.7010609@locolomo.org>	<AANLkTimFKATt4_4umseRhcrDl7BLkOuNvOfuXIGHrdJB@mail.gmail.com> <AANLkTi=ZmiRB=43xQEpJjZpeDBCRwf61W_-Sbbm8oaZt@mail.gmail.com>

next in thread | previous in thread | raw e-mail | index | archive | help
On 23/07/10 18.58, alexus wrote:

> i just did jail on public ip where i dont need to use ipnat, so
> obviously that works fine no problem
> not really what i wanted though but as a temporary fix its fine...

With all respect, I think you should start liking this solution, because 
for all I understand, this is the right solution.

If external access to the jail was otherwise through rdr, there is 
really no benefit at all, securitywise or otherwise. But allowing the 
jail to bind directly on the ip that external clients connect to you get 
simplicity and ease of configuration.

BR, Erik



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4C49E2CD.7020607>