> Hi,
>
> I need to have some jails configured, sharing single IP address (IPv6
> is a no-no for the time being:). Therefore I came up with an idea of
> binding them all to lo0 and assigning subsequent IP aliases as the
> addresses. The requirement for the jails is to let them receive
> (the easy part) and *send* packets to the outside.
>
> The jails cannot directly access the Internet as they cannot bind to
> the external IP address of course. Some translation needs to be made,
> I think. After wrestling with ipfw/ipf/pf for a couple of hours I
> don't have a working solution.
>
> My last attempt to get outside from the jail with ipfw was:
>
> # ipfw add 200 divert natd log tcp from 127.0.0.2 to 127.0.0.2 222 in via lo0
>
> and for natd:
>
> redirect_port tcp 192.168.153.2:22 127.0.0.2:222
>
> I get this log from natd:
>
> In {default} 0000ffff[TCP] [TCP] 127.0.0.2:53057 -> 127.0.0.2:301 aliased to
> [TCP] 127.0.0.2:53057 -> 192.168.153.2:22
>
> Which obviously doesn't work. I've tried to add alias IP, but then it
> stops the natd `rule' matching.

Try other addresses not in 0/8 and 127/8.

_______________________________________________
freebsd-net@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-net