From owner-freebsd-questions@FreeBSD.ORG Thu Dec 7 16:01:47 2006 Return-Path: X-Original-To: freebsd-questions@freebsd.org Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 634D016A4AB for ; Thu, 7 Dec 2006 16:01:47 +0000 (UTC) (envelope-from amistry@am-productions.biz) Received: from mail.united-ware.com (am-productions.biz [69.61.164.22]) by mx1.FreeBSD.org (Postfix) with ESMTP id A15D543F06 for ; Thu, 7 Dec 2006 15:56:51 +0000 (GMT) (envelope-from amistry@am-productions.biz) Received: from [192.168.1.100] (cpe-24-210-75-119.columbus.res.rr.com [24.210.75.119]) (authenticated bits=0) by mail.united-ware.com (8.13.8/8.13.8) with ESMTP id kB7GHJ44025235 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Thu, 7 Dec 2006 11:17:48 -0500 (EST) (envelope-from amistry@am-productions.biz) From: Anish Mistry Organization: AM Productions To: freebsd-questions@freebsd.org Date: Thu, 7 Dec 2006 10:58:05 -0500 User-Agent: KMail/1.9.4 References: <457830BE.60203@scls.lib.wi.us> In-Reply-To: <457830BE.60203@scls.lib.wi.us> MIME-Version: 1.0 Content-Type: multipart/signed; boundary="nextPart3340057.SgQTdJVLDM"; protocol="application/pgp-signature"; micalg=pgp-sha1 Content-Transfer-Encoding: 7bit Message-Id: <200612071058.14264.amistry@am-productions.biz> X-Spam-Status: No, score=0.9 required=5.0 tests=BAYES_50,J_CHICKENPOX_48, MYFREEBSD2,RCVD_IN_NJABL_DUL,SPF_SOFTFAIL autolearn=no version=3.1.3 X-Spam-Checker-Version: SpamAssassin 3.1.3 (2006-06-01) on mail.united-ware.com X-Virus-Scanned: ClamAV 0.88.5/2299/Thu Dec 7 02:36:50 2006 on mail.united-ware.com X-Virus-Status: Clean Cc: Greg Barniskis , Denzil Kelly Subject: Re: freebsd jails X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 07 Dec 2006 16:01:47 -0000 --nextPart3340057.SgQTdJVLDM Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable Content-Disposition: inline On Thursday 07 December 2006 10:18, Greg Barniskis wrote: > Denzil Kelly wrote: > > I need to implement web content filtering using squidguard and/or > > dansguardian for several locations. Each site has different > > filtering requirements. I want to know if it is possible to do > > this using a jail for each site(provided that I have sufficiently > > powerful hardware). > > Should not be too difficult to implement. > > > I want to > > have a different IP address for each jail. > > A unique IP for each jail is required in any case. > > > If this is possible do I need to > > have a different NIC for each jail? > > Nope. Just use aliases in rc.conf for the one NIC. For example, if > I have a NIC fxp0, on a host with two jails: > > ifconfig_fxp0=3D"inet 192.168.0.1 netmask 255.255.255.0" > ifconfig_fxp0_alias0=3D"inet 192.168.0.2 netmask 255.255.255.255" > ifconfig_fxp0_alias1=3D"inet 192.168.0.3 netmask 255.255.255.255" > > Note the alias masks are all ones -- that's not a typo. =46or 6.2 and above you don't need the alias lines anymore, the=20 following works just fine. jail_list=3D"wwwtest" # wwwtest jail jail_wwwtest_interface=3D"vr0" jail_wwwtest_ip=3D"192.168.1.61" jail_wwwtest_hostname=3D"wwwtest.example.org" jail_wwwtest_rootdir=3D"/jail/wwwtest" jail_wwwtest_devfs_enable=3D"YES" jail_wwwtest_devfs_ruleset=3D"devfsrules_jail" =2D-=20 Anish Mistry amistry@am-productions.biz AM Productions http://am-productions.biz/ --nextPart3340057.SgQTdJVLDM Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (FreeBSD) iD8DBQBFeDoWxqA5ziudZT0RAmYQAKCsQezU5AprCTFYbJvL3U1o2qzT0wCeIlPQ JEyqX/KkJw/wwDxUIEVQFt4= =2+6W -----END PGP SIGNATURE----- --nextPart3340057.SgQTdJVLDM--