On Thu, Dec 9, 2010 at 12:23 PM, Eitan Adler <li...@eitanadler.com> wrote: > Hi, > I want to throw together some jails for friends to play with. I'm not > terribly concerned about security on this machine. My goal is to do > something like > ezjail create james 10.0.0.1 > ezjail create jared 10.0.0.2 > ezjail create joe 10.0.0.3 > ezjail create idaho 10.0.0.4 > > I have a single IP address for my computer - so I would need some kind > of nat to allow these jails to access the outside world - and allow > the outside world to access them. > > I've looked into pf and I guess I would need something like > > nat on nfe0 from 10.0.0.1 to any -> $external_ip > > is this correct? > Do I need anything in in /etc/pf.conf ? >
you can use natd as well in rc.conf natd_enable="YES" natd_interface="rl1" natd_flags="-dynamic" then as root in the base system kldload ipdivert natd -n rl1 or whatever your interface is > -- > Eitan Adler > _______________________________________________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org" > _______________________________________________ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
