Date: Sun, 23 Mar 2014 00:11:49 -0400
From: "Littlefield, Tyler" <tyler@tysdomain.com>
To: "freebsd-questions@freebsd.org" <freebsd-questions@freebsd.org>
Subject: jails, subnets and etc?
Message-ID: <532E5F05.2040207@tysdomain.com>

Hello all:

I'm curious if I'm doing this right, and would like some advice from someone.

First, I created a jail with ezjails and set its IP to 192.168.0.2, then bound mysql to that address. The idea is that mysql can run in its own jail while not being accessible to the outside world. I set the gateway (defaultrouter in the jail's rc.conf) to the IP address of my machine so the system can access the network.

This is where I run into a bit of fun: I am unable to ping/telnet to 192.168.0.2 3306, and I am unable to telnet out of the jail. So, I have a few questions:

1) What needs to happen on the pf side to forward ports from x.x.x.x (my external-facing interface) to a specific address and port on the subnet? The idea is that I will just use pf to forward ports to public-facing jailed services.

2) Do I need to do something special to get this subnet set up? What needs to happen to get the jail and the host talking to each other?

Thanks in advance,

--
Take care,
Ty
http://tds-solutions.net
He that will not reason is a bigot; he that cannot reason is a fool; he that dares not reason is a slave.