From owner-freebsd-virtualization@FreeBSD.ORG  Sun Jun 19 20:40:34 2011
Return-Path: <owner-freebsd-virtualization@FreeBSD.ORG>
Delivered-To: freebsd-virtualization@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 024D6106564A;
	Sun, 19 Jun 2011 20:40:34 +0000 (UTC) (envelope-from stb@lassitu.de)
Received: from gilb.zs64.net (gilb.zs64.net [IPv6:2001:470:1f0b:105e::1ea])
	by mx1.freebsd.org (Postfix) with ESMTP id C10D78FC18;
	Sun, 19 Jun 2011 20:40:33 +0000 (UTC)
Received: by gilb.zs64.net (Postfix, from stb@lassitu.de) id 3F2FC7B442;
	Sun, 19 Jun 2011 22:40:32 +0200 (CEST)
Mime-Version: 1.0 (Apple Message framework v1084)
Content-Type: text/plain; charset=us-ascii
From: Stefan Bethke <stb@lassitu.de>
In-Reply-To: <4DFD67F0.3010508@freebsd.org>
Date: Sun, 19 Jun 2011 22:40:31 +0200
Content-Transfer-Encoding: quoted-printable
Message-Id: <30F13111-4ED7-412C-9F08-93340D51A633@lassitu.de>
References: <0A8B9BF3-8401-4541-9FBD-0C292149C5E4@lassitu.de>
	<4DFD67F0.3010508@freebsd.org>
To: freebsd-virtualization@freebsd.org
X-Mailer: Apple Mail (2.1084)
Cc: 
Subject: Re: VIMAGE and pf?
X-BeenThere: freebsd-virtualization@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: "Discussion of various virtualization techniques FreeBSD supports."
	<freebsd-virtualization.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-virtualization>,
	<mailto:freebsd-virtualization-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-virtualization>
List-Post: <mailto:freebsd-virtualization@freebsd.org>
List-Help: <mailto:freebsd-virtualization-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-virtualization>,
	<mailto:freebsd-virtualization-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sun, 19 Jun 2011 20:40:34 -0000

Am 19.06.2011 um 05:07 schrieb Julian Elischer:

> On 6/18/11 3:53 AM, Stefan Bethke wrote:
>> Is VIMAGE supposed to be compatible with pf?  On r223207 (8-stable) =
I'm getting a panic when pfctl loads the rules:
>=20
>=20
> no they are not compatible.. there are comatibilty patches but we have =
so far failed to get them into the tree.

Aw, too bad.

I'm trying to get some processes, maybe a full jail, to use a seperate =
ADSL (PPPoE) connection as their default route, and I'm a bit flummoxed =
by the options.

It seems that pf won't allow me to reference jails in rules (according =
to pf.conf(5)), but I could have those processes run as a certain user.

Alternatively, I think I should be able to use setfib(1) with =
ROUTETABLES.  Any advice on how I would configure mpd5 and/or a jail?


Thanks,
Stefan

--=20
Stefan Bethke <stb@lassitu.de>   Fon +49 151 14070811