Date: Wed, 27 Dec 2006 16:56:38 +0100 From: Jeremie Le Hen <jeremie@le-hen.org> To: "Bjoern A. Zeeb" <bzeeb-lists@lists.zabbadoz.net> Cc: Gergely CZUCZY <phoemix@harmless.hu>, freebsd-net@freebsd.org Subject: Re: [fbsd] Re: jail addresses and default bindings Message-ID: <20061227155638.GG2187@obiwan.tataz.chchile.org> In-Reply-To: <20061216100556.T91892@maildrop.int.zabbadoz.net> References: <20061216094004.GA24480@harmless.hu> <20061216100556.T91892@maildrop.int.zabbadoz.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sat, Dec 16, 2006 at 10:13:00AM +0000, Bjoern A. Zeeb wrote: > >this way it's hard to distingvish in a packet filter(let's say pf), > >among connections originating from within the jail itself or > >from the host system to the jail. > > I won't ask why you would want to do that if you control it > from the "host" system anyway... Additionally, ipfw(8) has the "jail" keyword, though it is easier to work with IP addresses since jail ids are bumped whenever you restart a jail. Regards, -- Jeremie Le Hen < jeremie at le-hen dot org >< ttz at chchile dot org >
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20061227155638.GG2187>