Date: Sun, 21 Mar 2010 21:44:43 -0400 From: Mark Shroyer <subscriber+freebsd@markshroyer.com> To: freebsd-questions@freebsd.org Subject: Re: ezjail Message-ID: <4BA6CB8B.8070309@markshroyer.com> In-Reply-To: <4BA6B80F.7050806@comclark.com> References: <4BA5AA53.5030503@comclark.com> <4BA69566.2040504@markshroyer.com> <4BA6B80F.7050806@comclark.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On 3/21/2010 8:21 PM, Aiza wrote: > Does the ip address notation for the jail include the port number? > Like 10.0.20.2:80 Nat port forwarding is the long way around just to get > the correct port number to the jail ip address. Nope, jails are assigned one (or more) specific IP addresses, but not specific port numbers. So if you don't have a separate public IP for your jail, you'll be relying on some sort of packet filter to redirect traffic to its private IP address. This isn't as big a deal as it may sound, especially if you're already using PF, which has built-in packet redirection capabilities that do not require you to run a separate NAT daemon. > I found the man ezjail-admin has this format > ezjail-admin install -h file:// Where -h file:// means get the > binaries from the host system the jails are running on. Am I correct? Yes, according to the man page. I haven't tried it yet myself, since I set up my basejail before this option was available. > My understanding of handbook section 15.6 Application of Jails > (service jails)is a copy of the host binaries is populated into the > basejail and all the other jails have read only access to it. Each guest > jail also has a read/write space for installing ports/packages unique to > that jail including /var /usr /etc. Am I correct? Is this how ezjail is > configured now? Yes, that's correct. -- Mark Shroyer http://markshroyer.com/contact/
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4BA6CB8B.8070309>