Date: Wed, 16 Jul 2003 09:09:09 +0800 From: Ng Pheng Siong <ngps@netmemetic.com> To: Nicholas Esborn <nick@netdot.net> Cc: "V. Jones" <vjones62@earthlink.net> Subject: Re: jails, ipfilter & stunnel Message-ID: <20030716010909.GD832@vista.netmemetic.com> In-Reply-To: <20030715161909.GA6394@carbon.berkeley.netdot.net> References: <8213881.1058211676830.JavaMail.nobody@beaker.psp.pas.earthlink.net> <20030714211518.GD4973@garage.freebsd.pl> <3F13A975.7020508@geminix.org> <20030715161909.GA6394@carbon.berkeley.netdot.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, Jul 15, 2003 at 09:19:09AM -0700, Nicholas Esborn wrote: > Would it be useful to create multiple IP aliases on lo0, i.e. 127.0.0.2, > 127.0.0.3, bind the jails to those, then use ipfw, ipf/ipnat, or a TCP > proxy to connect ports on the server's real IP to services bound to the > lo0 aliases? Yup, I do that on some of my machines. Mostly works. Easy to experiment with, too. -- Ng Pheng Siong <ngps@netmemetic.com> http://firewall.rulemaker.net -+- Manage Your Firewall Rulebase Changes http://www.post1.com/home/ngps -+- Open Source Python Crypto & SSL
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20030716010909.GD832>