From owner-freebsd-net@freebsd.org  Thu May  5 05:50:20 2016
Return-Path: <owner-freebsd-net@freebsd.org>
Delivered-To: freebsd-net@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id 6F1BDB2E067
 for <freebsd-net@mailman.ysv.freebsd.org>;
 Thu,  5 May 2016 05:50:20 +0000 (UTC)
 (envelope-from julian@freebsd.org)
Received: from vps1.elischer.org (vps1.elischer.org [204.109.63.16])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client CN "vps1.elischer.org",
 Issuer "CA Cert Signing Authority" (not verified))
 by mx1.freebsd.org (Postfix) with ESMTPS id 328941042;
 Thu,  5 May 2016 05:50:19 +0000 (UTC)
 (envelope-from julian@freebsd.org)
Received: from Julian-MBP3.local
 (ppp121-45-225-151.lns20.per1.internode.on.net [121.45.225.151])
 (authenticated bits=0)
 by vps1.elischer.org (8.15.2/8.15.2) with ESMTPSA id u455o5a8098798
 (version=TLSv1.2 cipher=DHE-RSA-AES128-SHA bits=128 verify=NO);
 Wed, 4 May 2016 22:50:08 -0700 (PDT)
 (envelope-from julian@freebsd.org)
Subject: Re: How to use pf with vimage jails?
To: Shawn Debnath <sd@beastie.io>, Alan Somers <asomers@freebsd.org>
References: <CAOtMX2jtxjUxiOv_LqO8Gg5AhXrSBb+WatCktx7y03w=st=w3w@mail.gmail.com>
 <67045371-07B8-4718-8A8B-98E3FBFF994E@sigsegv.be>
 <CAOtMX2hLhLGPU+6qb9ROd1P3vvazb_k3K6p0Q5A5a-znVzJQcg@mail.gmail.com>
 <20160504155915.GD4796@beastie.io>
Cc: Kristof Provost <kristof@sigsegv.be>, FreeBSD Net <freebsd-net@freebsd.org>
From: Julian Elischer <julian@freebsd.org>
Message-ID: <3ed0ddc2-3439-19fb-3075-8b5079cc5731@freebsd.org>
Date: Thu, 5 May 2016 13:49:59 +0800
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.11; rv:45.0)
 Gecko/20100101 Thunderbird/45.0
MIME-Version: 1.0
In-Reply-To: <20160504155915.GD4796@beastie.io>
Content-Type: text/plain; charset=windows-1252; format=flowed
Content-Transfer-Encoding: 7bit
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/freebsd-net>,
 <mailto:freebsd-net-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-net/>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Help: <mailto:freebsd-net-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/freebsd-net>,
 <mailto:freebsd-net-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 05 May 2016 05:50:20 -0000

On 4/05/2016 11:59 PM, Shawn Debnath wrote:
> On 05/04, Alan Somers wrote:
>> Then maybe it's the bridged aspect that's screwing me up.  Is there a guide
>> for using pf on bridged interfaces?  All I can find is this guide for ipfw.
> I ran into a similar issue recently  and decided to write up an article on
> my site that documents how to set up jails with VNET/VIMAGE using a bridge
> on the host. This might help you:
>
>    http://shawndebnath.com/articles/2016/03/27/freebsd-jails-with-vlan-howto.html
>
> If you see any errors, do let me know and I will get those fixed up.

devin just committed some sample code to share/examples

https://svnweb.freebsd.org/base/head/share/examples/jails/

there is also some code in
https://svnweb.freebsd.org/base/head/share/examples/netgraph/

that may be relevant, but uses netgraph bridging.


>
> Thanks,
> Shawn
> _______________________________________________
> freebsd-net@freebsd.org mailing list
> https://lists.freebsd.org/mailman/listinfo/freebsd-net
> To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org"
>