Date:      Sun, 11 May 2003 18:25:06 -0700
From:      Michael Collette <metrol@metrol.net>
To:        FreeBSD Security <freebsd-security@FreeBSD.org>
Subject:   Re: Gateway config
Message-ID:  <200305111825.07340.metrol@metrol.net>
In-Reply-To: <courier.3EBECC71.0001143C@mail.schatti.ch>
References:  <courier.3EBECC71.0001143C@mail.schatti.ch>

On Sunday 11 May 2003 03:19 pm, freebsdquestions@schatti.ch wrote:
> Hi all!
>
> Short question: could anyone point me to documents regarding topics:
> jails! & nat & (ipfw|ip tables) - I'm in process to build a new system...
> Planned layout:
>
> NET---router/nat-----gateway:freebsd5.x/nat--------inner net
>
>                       |    |    L- apache/php  (lo_alias1)
>                       |
>                       |    L------ mail server (lo_alias2)
>
>                       L----------- djbdns      (lo_alias3)
>
> Any hints, do's and don'ts? What about natd/ipnat? Which is better for
> dynamic rules? Especially: how to manage that in conjunction with multiple
> jails?

Helps having a subject on these things, especially if a discussion gets 
brewing.

I have yet to see any really good articles on the web concerning Jail setups.  
The AbsoluteBSD book has a really sweet walk through in getting jails up and 
running.  Not much information on how to get your jails updated though, which 
I had hoped to research a little bit further.

I did happen upon the following doing a quick Googling about...

FreeBSD Jail Software and Docs
http://memberwebs.com/nielsen/freebsd/jails/

FreeBSD Jail Scripts
http://jailnotes.cg.nu/zcripts/

And the really well written man page...
man 8 jail

I too would be curious to see anything additional that you might find on the 
subject.  The basic concepts are reasonable enough, but there are a few 
devilish details I'd like to see more of.

One item that I'm kind of curious about, and betting others might be as well.  
What do you mean by "dynamic rules"?  Dynamic in what sense?  Dynamic as in 
stateful firewall, or IP, or what?

Later on,
-- 
"Outside of a dog, a book is man's best friend. Inside of a dog, it's too dark 
to read."
 - Groucho Marx


