Skip site navigation (1)Skip section navigation (2) 
Date:      Tue, 18 Sep 2001 13:45:38 -0400
From:      "Andrew Penniman" <apenniman@adelphia.net>
To:        <freebsd-security@freebsd.org>
Subject:   ipfw in a jail-centric environment?
Message-ID:  <003701c14069$bb1d2e00$7811a8c0@GANDALF>
next in thread | raw e-mail | index | archive | help 
This is a multi-part message in MIME format.

------=_NextPart_000_0034_01C14048.33667460
Content-Type: text/plain;
	charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable

I'm playing with jails for the first time and am not sure how to handle =
packet filtering in this scenario.

Should the host and jail environments each handle their own packet =
filtering or is all filtering handled by the host?  Is natd required?

I have tried to locate information on this subject but haven't found =
anything useful....

Thanks much,
Andrew Penniman

------=_NextPart_000_0034_01C14048.33667460
Content-Type: text/html;
	charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META http-equiv=3DContent-Type content=3D"text/html; =
charset=3Diso-8859-1">
<META content=3D"MSHTML 6.00.2600.0" name=3DGENERATOR>
<STYLE></STYLE>
</HEAD>
<BODY bgColor=3D#ffffff>
<DIV><FONT face=3DArial size=3D2>I'm playing with jails for the first =
time and am=20
not sure how to handle packet filtering in this scenario.</FONT></DIV>
<DIV><FONT face=3DArial size=3D2></FONT>&nbsp;</DIV>
<DIV><FONT face=3DArial size=3D2>Should the host and jail environments =
each handle=20
their own packet filtering or is all filtering handled by the =
host?&nbsp; Is=20
natd required?</FONT></DIV>
<DIV><FONT face=3DArial size=3D2></FONT>&nbsp;</DIV>
<DIV><FONT face=3DArial size=3D2>I have tried to locate information on =
this subject=20
but haven't found anything useful....</FONT></DIV>
<DIV><FONT face=3DArial size=3D2></FONT>&nbsp;</DIV>
<DIV><FONT face=3DArial size=3D2>Thanks much,</FONT></DIV>
<DIV><FONT face=3DArial size=3D2>Andrew =
Penniman</FONT></DIV></BODY></HTML>

------=_NextPart_000_0034_01C14048.33667460--


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?003701c14069$bb1d2e00$7811a8c0>