On Wed, 23 Dec 2009, Mel Flynn wrote:
or later; no official FreeBSD version before had supported
multiple-IPs with a jail.
8.0-p3, yes.
ok
What it did was what you were asking for. That's the problem.
1) either use ifconfig
2) or use jail + interfaces
3) but do not mix them (especially not overlapping)
So I would suggest to do it like this:
# Base system IPs.
ifconfig_bge0="inet 192.168.177.60/24"
ifconfig_em0="inet 192.168.176.60/24"
jail_squid_rootdir="/usr/squid"
# Either use:
jail_squid_ip="bge0|192.168.177.62/32,em0|192.168.176.62/32"
# or:
jail_squid_ip="bge0|192.168.177.62/32"
jail_squid_ip_multi0="em0|192.168.176.62/32"
but do not use jail_squid_interface=".." as that will be a global
default for that jail.
Is it a global *default* or a global? For example, could I specify:
It's a global default; a more specific interface name that comes with
an address will override it. So you could do what you drafted below.
The entire "ifconfig" feature in rc.d/jail does not really belong
there but people started using it after it was introduced so we lost
that race.
jail_squid_interface="bge0"
jail_squid_ip="192.168.177.62/32"
jail_squid_ip_multi0="192.168.177.63/32"
jail_squid_ip_multi1="em0|192.168.177.62/32"
Below is a patch against HEAD to document the $interface|$ip syntax.
That wasn't done on purpose; man rc.conf has it, if you lookup jail_<jname>_ip .
/bz
--
Bjoern A. Zeeb It will not break if you know what you are doing.
_______________________________________________
[email protected] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-hackers
To unsubscribe, send any mail to "[email protected]"
