Uwe Doering <[EMAIL PROTECTED]> wrote:
> Oliver Fromme wrote:
> > Uwe Doering <[EMAIL PROTECTED]> wrote:
> > [...]
> > > Now, since routes are a global resource in FreeBSD, is there a way to
> > > prevent users from other jails on that machine from accessing that VPN,
> > > too? If it were
Oliver Fromme wrote:
Uwe Doering <[EMAIL PROTECTED]> wrote:
[...]
> Now, since routes are a global resource in FreeBSD, is there a way to
> prevent users from other jails on that machine from accessing that VPN,
> too? If it weren't possible to restrict access to a VPN to the jail it
> is
Uwe Doering <[EMAIL PROTECTED]> wrote:
> Talking about security, while I haven't worked with VPNs so far I
> believe that there needs to be a route installed in order to forward
> packets to the remote end of the VPN connection.
In general, yes, you need a route. However, it depends on
what
Oliver Fromme wrote:
Marc G. Fournier wrote:
> Oliver Fromme wrote:
> > The problem is that you need to configure interfaces
> > (tun(4) or tap(4)) to set up the VPN, but ifconfig(8)
> > does not work inside a jail. That means you cannot
> > set up a VPN inside a jail. However, you can _us
Marc G. Fournier wrote:
> Oliver Fromme wrote:
> > The problem is that you need to configure interfaces
> > (tun(4) or tap(4)) to set up the VPN, but ifconfig(8)
> > does not work inside a jail. That means you cannot
> > set up a VPN inside a jail. However, you can _use_
> > it within a jai
On 2/8/06, Marc G. Fournier <[EMAIL PROTECTED]> wrote:
> On Wed, 8 Feb 2006, Oliver Fromme wrote:
>
> > Marc G. Fournier <[EMAIL PROTECTED]> wrote:
> > > Is this possible? I'm reading through the man pages for openvpn, and
> > > doubt that it is with 4.x, since it requires access to /dev, but with
On Wed, 8 Feb 2006, Oliver Fromme wrote:
Marc G. Fournier <[EMAIL PROTECTED]> wrote:
> Is this possible? I'm reading through the man pages for openvpn, and
> doubt that it is with 4.x, since it requires access to /dev, but with 6.x
> using devfs to mount dev into the jail, is it possible to set
Marc G. Fournier <[EMAIL PROTECTED]> wrote:
> Is this possible? I'm reading through the man pages for openvpn, and
> doubt that it is with 4.x, since it requires access to /dev, but with 6.x
> using devfs to mount dev into the jail, is it possible to set it up?
The problem isn't related to /
