Date: Thu, 21 Jul 2005 09:19:14 -0600 From: "Chad Leigh -- Shire.Net LLC" <chad@shire.net> To: jaco@coocoo.za.net Cc: freebsd-questions@freebsd.org Subject: Re: [Jail] Setting default route in Jail? Message-ID: <B4E8042C-7A18-420D-A3EA-D510E0F95761@shire.net> In-Reply-To: <2217.196.37.144.120.1121958167.squirrel@webmail.premsoft.co.za> References: <2217.196.37.144.120.1121958167.squirrel@webmail.premsoft.co.za>
next in thread | previous in thread | raw e-mail | index | archive | help
On Jul 21, 2005, at 9:02 AM, jaco@coocoo.za.net wrote: > Hello All, > > My setup looks like this: > The FreeBSD machine have a public range IP address, and I set up a > couple > of jails with private range IP addresses (192.168.x.x) on the same > box. > > The private range ip adresses are set up as aliases, using the > procedure > as described in the jail(8) man page. > > All works fine, except for the fact that from within the jails I do > not > have internet connectivity as the default route is the same as my jail > hosts default route. For this to work I would have to be able to > set my > default route in the jail environment to the IP address of my jail > host > and enable the jail host as a gateway. > > The problem is that you are not allowed to set the default route > inside of > the jail, and currently this default route is the default route of > the > jail host. > > I am sure other people must have had this problem before and found a > solution. :) > > Anybody know any workrounds? Or maybe a better way to set this up? Hi I got it working though I don't remember exactly how. I set my host as a gateway and maybe played around with some ipfw rules. I did do some ipfw rules and set up natd but I don't remember exactly what it was I was doing with them (meaning why) as I had some other needs as well... The xxx out addresses are the public netblock we have. I am not an ipfw expert and came up with these through trial and error and reading web pages in the middle of the night waymoot# more rc.firewall #!/bin/sh # /sbin/ipfw -f flush /sbin/ipfw add pass all from x.x.x.0/24 to me /sbin/ipfw add pass all from me to x.x.x.0/24 via bge0 /sbin/ipfw add pass all from 192.168.2.0/24 to me /sbin/ipfw add pass all from 192.168.1.0/24 to me /sbin/ipfw add pass all from me to 192.168.2.0/24 via bge1 /sbin/ipfw add pass all from me to 192.168.1.0/24 via bge0 /sbin/ipfw add divert natd all from any to any via bge0 /sbin/ipfw add pass all from any to any waymoot# best Chad > > Thank you in advance! > ---Jaco > _______________________________________________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "freebsd-questions- > unsubscribe@freebsd.org" > --- Chad Leigh -- Shire.Net LLC Your Web App and Email hosting provider chad@shire.net
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?B4E8042C-7A18-420D-A3EA-D510E0F95761>