Re: Filtering outbound traffic for private address jails?

2016-06-26 Thread James Lodge
>'Lo. >On 2016-06-26T02:32:04 +0000 >James Lodge wrote: > > If you clone lo1, give it a 192.168.x.x/32 IP and then use the following > pf.conf > Do you need to bridge the interfaces? You may need to add > gateway_enable="YES" to rc.conf > >

Re: Filtering outbound traffic for private address jails?

2016-06-25 Thread James Lodge
Sent from my iPhone On 25 Jun 2016, at 23:10, "org.freebsd.secur...@io7m.com" mailto:org.freebsd.secur...@io7m.com>> wrote: Hello. I have been searching for the best part of a day for a solution to this problem and quite frankly cannot believe that I've

Re: NAT SIP ALG

2016-05-13 Thread James Lodge
> On 12 May 2016, at 20:08, Eugene Grosbein wrote: > > Hi! > > Does FreeBSD have any kind of NAT capable of parsing SIP signalling traffic > to properly translate IP addresses inside protocol? > > Eugene Grosbein > > ___ > freebsd-net@freebsd.org ma

vxlan interface rc.conf configuration

2016-01-09 Thread James Lodge
I'd appreciate some help with vxlan interface creation at boot up. I can create a vxlan interface (unicast) using ifconfig(8) but I'm unable to work out or find the correct rc.conf syntax. I can clone the interface, but cannot configure a vni or any other parameters. This is what I have rc

Re: vxlan interface rc.conf configuration

2016-01-09 Thread James Lodge
>I'd appreciate some help with vxlan interface creation at boot up. I can >create a vxlan interface (unicast) using >ifconfig(8) but I'm unable to work >out or find the correct rc.conf syntax. > >I can clone the interface, but cannot configure a vni or any other parameters. > >This is what I

Re: Jail - PF - NAT - Network Performance

2015-10-25 Thread James Lodge
> On 25 Oct 2015, at 18:47, James Lodge wrote: > >> On 25 Oct 2015, at 17:46, James Lodge wrote: >> I currently have a FreeBSD 10.1 host running on Digital Ocean. I have >> multiple jails and I'm not using vimage. >> >> >> I'm using PF o

Re: Jail - PF - NAT - Network Performance

2015-10-25 Thread James Lodge
> On 25 Oct 2015, at 17:46, James Lodge wrote: > I currently have a FreeBSD 10.1 host running on Digital Ocean. I have > multiple jails and I'm not using vimage. > > > I'm using PF on the host to NAT traffic from said jails and all is working as > expected. I

Jail - PF - NAT - Network Performance

2015-10-25 Thread James Lodge
Dear All, I wonder if you'd be so kind as to help/point me in the right direction in order to fix a network performance issue I seem to have. I currently have a FreeBSD 10.1 host running on Digital Ocean. I have multiple jails and I'm not using vimage. I'm using PF on the host to NAT traffi