From owner-freebsd-questions Tue Jun 11 16:42:45 2002 Delivered-To: freebsd-questions@freebsd.org Received: from gate.volant.org (gate.volant.org [207.111.218.246]) by hub.freebsd.org (Postfix) with ESMTP id 61DC537B40A for ; Tue, 11 Jun 2002 16:42:40 -0700 (PDT) Received: from 216-55-134-176.dsl.san-diego.abac.net ([216.55.134.176] helo=[192.168.0.13]) by gate.volant.org with asmtp (TLSv1:DES-CBC3-SHA:168) (Exim 3.33 #1) id 17HvHB-000DiX-00; Tue, 11 Jun 2002 16:42:13 -0700 Date: Tue, 11 Jun 2002 16:41:51 -0700 From: Pat Lashley To: Andrea Bacchet , "'mh_lists@digitalspy.co.uk'" Cc: freebsd-questions@FreeBSD.ORG Subject: RE: Jail single ip network (FreeBSD 4.5) Message-ID: <1095390000.1023838911@mccaffrey.phoenix.volant.org> In-Reply-To: <8A6A2A139700D5118EB6009027B0FF3A0D91D78E@caemsx02.cae.ca> References: <8A6A2A139700D5118EB6009027B0FF3A0D91D78E@caemsx02.cae.ca> X-Mailer: Mulberry/2.2.1 (Linux/x86 Demo) MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="==========2900459384==========" Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG --==========2900459384========== Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: quoted-printable Content-Disposition: inline --On Tuesday, June 11, 2002 09:29:27 AM -0400 Andrea Bacchet=20 wrote: > What I would like to do, is just make the jail invisible > to the outside world. I mean I have some services running in the > jail and some outside of it. When users will be asked to login, > I will give them only the dagobah ip. Depending on what services > they use, they'll either be logging in to the jail or into the > host. > > Therefore I will have to look into natd, to forward the > requests internally. > > If anyone has a quick solution, I'd really appreciate it. > Until then I'll read into natd. The easiest way that I can think of is to give the jail the 'real' IP address. In the jail you only run the services that you want to be jailed. Run the other services directly on dagobah. Unless you want the same service to be available in both environments, you probably don't even need a second IP address. -Pat --==========2900459384========== Content-Type: application/pgp-signature Content-Transfer-Encoding: 7bit -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.7 (FreeBSD) iD8DBQE9BorKncYNbLD8wuMRAqkSAJ4jwoSa/TfuHAyZs/EIHYTiJOG7DgCePIdA bhvGIeFQyZbKM7cidmx/luU= =AmhF -----END PGP SIGNATURE----- --==========2900459384==========-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message