Date: Wed, 17 Sep 2014 10:53:37 -0400 From: "Littlefield, Tyler" <tyler@tysdomain.com> To: questions@freebsd.org Subject: jails, IPS and firewalls, oh my! Message-ID: <5419A071.2080800@tysdomain.com>
next in thread | raw e-mail | index | archive | help
Hello all: I asked this question a while back and was a bit unclear how exactly to word what I want, so I'll try again now that I've spent time with this. My goal is to end up with separate systems. For example, I want to run a mailman setup on my server. Right now I already have postfix running as well as nginx in a jail and did not want to try to work around my current configuration. I wanted to set up a lists subdomain and point it at 1.2.3.4 which is assigned to my server and just treat that as a separate system. So, on the advice of others who know BSD a lot more than I do I tried a few things. Mainly I assigned the IP to a jail and tried to firewall it off. The IP address though still is being used by em0, which means that even if I open port 80 it will point to my main server and not the jail. I am looking for a solution where I can assign the jail an interface, assign that interface to an IP address and then just protect it through a firewall on the host system. I read about epairs, tap devices and etc, but I'm not sure exactly which would be the best solution. Any advice/examples or pointers would be awesome. TIA, -- Take care, Ty http://tds-solutions.net He that will not reason is a bigot; he that cannot reason is a fool; he that dares not reason is a slave.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?5419A071.2080800>