Date: Wed, 5 Aug 2020 08:17:03 +0100 From: Arthur Chance <freebsd@qeng-ho.org> To: Ernie Luzar <luzar722@gmail.com>, "freebsd-questions@freebsd.org" <freebsd-questions@freebsd.org>, "freebsd-jail@freebsd.org" <freebsd-jail@freebsd.org> Subject: Re: how to make a non-vnet jail local only? Message-ID: <77719bef-6c53-21a7-ca17-3ebac05427b9@qeng-ho.org> In-Reply-To: <5F2A051D.4030604@gmail.com> References: <5F2A051D.4030604@gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On 05/08/2020 02:02, Ernie Luzar wrote: > I have non-vnet jails working that can reach the public internet. > But now I would like to make some local only non-vnet jails that can > only access other local only non-vnet jails. BY local meaning have no > access to the public internet. > > How do I make this happen? > > Thanks for any pointers. Create a second loopback interface (cloned_interfaces="lo1" in /etc/rc.conf or ifconfig lo1 create for manual control) and put the local jails on lo1 without access to any other interface. -- The number of people predicting the demise of Moore's Law doubles every 18 months.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?77719bef-6c53-21a7-ca17-3ebac05427b9>