>On Sunday 11 May 2003 03:19 pm, freebsdquestions@schatti.ch wrote:
>> Hi all!
>>
>> Short question: could anyone point me to documents regarding topics:
>> jails! & nat & (ipfw|ip tables) - I'm in process to build a
new system...
>> Planned layout:
>>
>> NET---router/nat-----gateway:freebsd5.x/nat--------inner net
>>
>> | | L- apache/php (lo_alias1)
>> |
>> | L------ mail server (lo_alias2)
>>
>> L----------- djbdns (lo_alias3)
>>
>> Any hints, do's and dont's ? what about natd/ipnat ? which is
better for
>> dynamic rules ? Especially: how to manage that in conjunction with
>multiple
>> jails ??
>
>Helps having a subject on these things, especially if a discussion gets
>brewing.
>
>I have yet to see any really good articles on the web concerning Jail
>setups.
>The AbsoluteBSD book has a really sweet walk through in getting jails up
>and
>running. Not much information on how to get your jails updated though,
>which
>I had hoped to research a little bit further.
>
>I did happen upon the following doing a quick Googling about...
>
>FreeBSD Jail Software and Docs
>http://memberwebs.com/nielsen/freebsd/jails/>
>
>FreeBSD Jail Scripts
>http://jailnotes.cg.nu/zcripts
>
>And the really well written man page...
>man 8 jail
>
>I too would be curious to see anything additional that you might find on
>the
>subject. The basic concepts are reasonable enough, but there are a few
>devilish details I'd like to see more of.
>
>One item that I'm kind of curious about, and betting others might be as
>well.
>What do you mean by "dynamic rules"? Dynamic in what sense?
Dynamic as in
>stateful firewall, or IP, or what?
Also, I'd like to see examples of devfs-configurations, and how they are
stored/restored..
Dynamic: In sense of 'stateful firewall'; where to put the rules:before
or
after nat ?
If anyone has some sort of scripts for jails, devfs - feel free to send me
those. thx
Slim
