From owner-freebsd-questions@FreeBSD.ORG Sat Nov 8 17:59:56 2003 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 7F9D616A4CE for ; Sat, 8 Nov 2003 17:59:56 -0800 (PST) Received: from cp4.myhostdns.org (cp4.myhostdns.org [64.5.40.24]) by mx1.FreeBSD.org (Postfix) with ESMTP id 9F00843FE1 for ; Sat, 8 Nov 2003 17:59:55 -0800 (PST) (envelope-from bsdnewbie@coolarrow.com) Received: from max3-2.ip.realtime.net ([205.238.179.2] helo=system) by cp4.myhostdns.org with esmtp (Exim 4.24) id 1AIern-0002QY-Qd for freebsd-questions@freebsd.org; Sat, 08 Nov 2003 19:59:52 -0600 Message-ID: <200311081959410909.1DB3285B@cp4.myhostdns.org> X-Mailer: Courier 3.50.00.01.1088 (http://www.rosecitysoftware.com) (P) Date: Sat, 08 Nov 2003 19:59:41 -0600 From: "Chris" To: freebsd-questions@freebsd.org Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable X-AntiAbuse: This header was added to track abuse, please include it with any abuse report X-AntiAbuse: Primary Hostname - cp4.myhostdns.org X-AntiAbuse: Original Domain - freebsd.org X-AntiAbuse: Originator/Caller UID/GID - [0 0] / [47 12] X-AntiAbuse: Sender Address Domain - coolarrow.com Subject: jails and ipfw2 X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 09 Nov 2003 01:59:56 -0000 My server, with a public IP address, is running named and sshd. This server= is also running IPFW2. There is a jail also running, with it's own unique public IP address. I= have found that IPFW2 will filter traffic to/from the jail, no matter if I= put the jail's alias on the ethernet device (fxp0) or the loopback device= (lo0). Is there an advantage or disadvantage to doing it one way vs the= other? Thanks, Chris