Date: Wed, 24 Apr 2013 15:54:20 -0400 From: Joe <fbsd8@a1poweruser.com> To: "Teske, Devin" <Devin.Teske@fisglobal.com> Cc: "<freebsd-jail@freebsd.org> Jail" <freebsd-jail@freebsd.org>, "Robison, Dave" <Dave.Robison@fisglobal.com> Subject: Re: How to start a firewall in a vimage jail Message-ID: <5178386C.8010502@a1poweruser.com> In-Reply-To: <13CA24D6AB415D428143D44749F57D7201F1DE32@ltcfiswmsgmb21> References: <517812D4.2010304@a1poweruser.com> <5178175E.5020604@fisglobal.com> <13CA24D6AB415D428143D44749F57D7201F1DE32@ltcfiswmsgmb21>
next in thread | previous in thread | raw e-mail | index | archive | help
Teske, Devin wrote: > On Apr 24, 2013, at 10:33 AM, Robison, Dave wrote: > >> On 04/24/2013 10:13, Joe wrote: >>> Hello >>> >>> I am having a very difficult time getting pf firewall to start in a vimage jail on 9.1-RELEASE. >>> >>> Is this at all possible? >>> >>> If this can be done, would you please share the details on how it's done? >>> >>> Thanks >>> >> Vimage doesn't yet support PF. IPFW works, however. >> > > Although one can successfully compile a kernel that has both the VIMAGE option and > "device pf" enabled, I've never tried pf inside a vimage. > > Maybe someone with some good pf experience can give it a go. > > I know ipfw works all the way. > > And as we (Joe and I) explored already, a kernel with IPFILTER option (for ipf) > will not work with VIMAGE (kernel panic at boot). ok lets change the question from setting up pf inside of a vimage jail to how to set up ipfw to run from inside of a vimage jail.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?5178386C.8010502>