Date: Tue, 06 Jul 2004 08:25:37 +0300 From: Alex Lyashkov <shadow@psoft.net> To: "Christian S.J. Peron" <csjp@freebsd.org> Cc: hackers@freebsd.org Subject: Re: [patch] attach ipfw rules to jails Message-ID: <1089091537.7827.5.camel@berloga.shadowland> In-Reply-To: <20040705212709.GA70873@freefall.freebsd.org> References: <20040705212709.GA70873@freefall.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
=F7 =F7=D4=D2, 06.07.2004, =D7 00:27, Christian S.J. Peron =D0=C9=DB=C5=D4: > I have written support for attaching ipfw rules to jails. I am=20 > looking for some testers/feedback. >=20 > http://people.freebsd.org/~csjp/ip_fw_jail.diff >=20 > NOTES: > o Apply the patch > o cd /usr/src && make includes > o rebuild your kernel (or just the ipfw module) > o rebuild the ipfw userspace utility; >=20 > Syntax: >=20 > ipfw add count ip from any to any jail 1 >=20 > "jail" takes a numeric argument, a jail ID. >=20 > For those of you who dont know, jail IDs can be retrieved using > the jls(8) utility. >=20 > Input would be greatly appriciated. > Thanks! who not port vimage project to -current ? separated network stack and firewall rules more and more faster then this... If system not have jails vimage not add=20 observable overhead to system.. --=20 Alex Lyashkov <shadow@psoft.net> PSoft
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?1089091537.7827.5.camel>