Skip site navigation (1)Skip section navigation (2)
Date:      Wed, 17 Sep 2014 10:53:37 -0400
From:      "Littlefield, Tyler" <>
Subject:   jails, IPS and firewalls, oh my!
Message-ID:  <>

Next in thread | Raw E-Mail | Index | Archive | Help
Hello all:
I asked this question a while back and was a bit unclear how exactly to 
word what I want, so I'll try again now that I've spent time with this.
My goal is to end up with separate systems. For example, I want to run a 
mailman setup on my server. Right now I already have postfix running as 
well as nginx in a jail and did not want to try to work around my 
current configuration. I wanted to set up a lists subdomain and point it 
at which is assigned to my server and just treat that as a 
separate system.

So, on the advice of others who know BSD a lot more than I do I tried a 
few things. Mainly I assigned the IP to a jail and tried to firewall it 
off. The IP address though still is being used by em0, which means that 
even if I open port 80 it will point to my main server and not the jail.

I am looking for a solution where I can assign the jail an interface, 
assign that interface to an IP address and then just protect it through 
a firewall on the host system. I read about epairs, tap devices and etc, 
but I'm not sure exactly which would be the best solution. Any 
advice/examples or pointers would be awesome.


Take care,
He that will not reason is a bigot; he that cannot reason is a fool; he that dares not reason is a slave.

Want to link to this message? Use this URL: <>