Re: jails, ipfilter & stunnel
From: Ng Pheng Siong (ngps_at_netmemetic.com)
Date: 07/16/03
- Previous message: Jon Disnard: "filesystem firewall rules"
- In reply to: Nicholas Esborn: "Re: jails, ipfilter & stunnel"
- Maybe reply: V. Jones: "Re: Re: jails, ipfilter & stunnel"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Wed, 16 Jul 2003 09:09:09 +0800 To: Nicholas Esborn <nick@netdot.net>
On Tue, Jul 15, 2003 at 09:19:09AM -0700, Nicholas Esborn wrote:
> Would it be useful to create multiple IP aliases on lo0, i.e. 127.0.0.2,
> 127.0.0.3, bind the jails to those, then use ipfw, ipf/ipnat, or a TCP
> proxy to connect ports on the server's real IP to services bound to the
> lo0 aliases?
Yup, I do that on some of my machines. Mostly works. Easy to experiment
with, too.
-- Ng Pheng Siong <ngps@netmemetic.com> http://firewall.rulemaker.net -+- Manage Your Firewall Rulebase Changes http://www.post1.com/home/ngps -+- Open Source Python Crypto & SSL _______________________________________________ freebsd-security@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-security To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"
- Previous message: Jon Disnard: "filesystem firewall rules"
- In reply to: Nicholas Esborn: "Re: jails, ipfilter & stunnel"
- Maybe reply: V. Jones: "Re: Re: jails, ipfilter & stunnel"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
