RE: Jails and loopback interfaces
I recently did something like this. I have a webserver in a jail that
needs to talk to a database, and the webserver is the only thing that
should talk to the databse.
My solution was to use 2 jails: one for the webserver, and another for the
* runs webserver
* binds to real interface with real, routable IP
* runs database server
* binds to loopback interface, isn't directly reachable
from outside the box
just to clarify that for me: you did setup this layout or you
tried to setup this? as i read it, i understand that you did!
i tried exactly the same but currently jails are bound to the specific
ip-address assigned with them so i wonder, how the webserver on a real
ip-address can communicate with the database bound to the loopback ip?
if you could kindly tell, how you solved this issue (we're using 6.1).
freebsd-security@xxxxxxxxxxx mailing list
To unsubscribe, send any mail to "freebsd-security-unsubscribe@xxxxxxxxxxx"
- Prev by Date: MAC policies and shared hosting
- Next by Date: Re: Jails and loopback interfaces
- Previous by thread: MAC policies and shared hosting
- Next by thread: Re: Jails and loopback interfaces