Date: Thu, 05 Jul 2007 10:54:36 +0200 From: bc <bc@default.co.yu> To: freebsd-security@freebsd.org Subject: Re: Jails and loopback interfaces Message-ID: <1183625676.894.282.camel@serafim.b61.bg.wi> In-Reply-To: <DFDD9B84-5DD1-4076-AB3E-869B19185CFB@tnpi.net> References: <DFDD9B84-5DD1-4076-AB3E-869B19185CFB@tnpi.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, 2007-07-02 at 12:43 -0500, Matt Simerson wrote: > The problem I have with this arrangement is when a jail attempts to > connect to the public IP of another jails, the connection fails. So, > a client running in one jail can't send email to my mail server > running in another jail. You can try keeping up-to-date version of /etc/hosts with hostnames of public services pointing to you 127.0.0.2+ IPs. It's dirty, but at least keeps your pf.conf clean as much as possible. It works for me and it should for you if you dont move services around a lot. Then it requires lots of recursive changes in each jail if you move some service from one IP to another.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?1183625676.894.282.camel>