Date: Mon, 12 May 2003 20:37:15 +0200 From: freebsdquestions@schatti.ch To: freebsd-security@FreeBSD.org Subject: Re: Gateway config Message-ID: <courier.3EBFE9DB.00011CDE@mail.schatti.ch>
next in thread | raw e-mail | index | archive | help
>On Sunday 11 May 2003 03:19 pm, freebsdquestions@schatti.ch wrote: >> Hi all! >> >> Short question: could anyone point me to documents regarding topics: >> jails! & nat & (ipfw|ip tables) - I'm in process to build a new system... >> Planned layout: >> >> NET---router/nat-----gateway:freebsd5.x/nat--------inner net >> >> | | L- apache/php (lo_alias1) >> | >> | L------ mail server (lo_alias2) >> >> L----------- djbdns (lo_alias3) >> >> Any hints, do's and dont's ? what about natd/ipnat ? which is better for >> dynamic rules ? Especially: how to manage that in conjunction with >multiple >> jails ?? > >Helps having a subject on these things, especially if a discussion gets >brewing. > >I have yet to see any really good articles on the web concerning Jail >setups. >The AbsoluteBSD book has a really sweet walk through in getting jails up >and >running. Not much information on how to get your jails updated though, >which >I had hoped to research a little bit further. > >I did happen upon the following doing a quick Googling about... > >FreeBSD Jail Software and Docs >http://memberwebs.com/nielsen/freebsd/jails/>; > >FreeBSD Jail Scripts >http://jailnotes.cg.nu/zcripts > >And the really well written man page... >man 8 jail > >I too would be curious to see anything additional that you might find on >the >subject. The basic concepts are reasonable enough, but there are a few >devilish details I'd like to see more of. > >One item that I'm kind of curious about, and betting others might be as >well. >What do you mean by "dynamic rules"? Dynamic in what sense? Dynamic as in >stateful firewall, or IP, or what? Also, I'd like to see examples of devfs-configurations, and how they are stored/restored.. Dynamic: In sense of 'stateful firewall'; where to put the rules:before or after nat ? If anyone has some sort of scripts for jails, devfs - feel free to send me those. thx Slim
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?courier.3EBFE9DB.00011CDE>