On Fri, 21 Nov 2008, Ruslan Ermilov wrote:
Hi,
Have been traveling, hence long "no reply"...
On Sun, Nov 16, 2008 at 02:10:35PM +0000, Bjoern A. Zeeb wrote:
So the basic idea could be to only have
jail_<name>_ip=""
jail_<name>_ip6=""
and each of them would have a format like:
[iface|]address[/prefix]
I'd suggest [iface:] instead.
be aware that : might be problematic to parse from shell with IPv6
addresses as it would either be:
bge0:2001:db8::1
or just
2001:db8::1
where iface and prefix are optional and prefix only makes sense if
iface is given?
If iface is given it means configure the address with prefix to the
given interface; if prefix is not given the default would be /32 for
ipv4 and /128 for ipv6.
So now this would give really long and complicated lines in rc.conf.
Do you think we could have something like the _alias<N> for interface
addresses so that it would be like:
jail_<name>_ip="" # default
jail_<name>_ip_multi0="" # second IP of the jail
jail_<name>_ip_multi1="" # third IP of the jail
jail_<name>_ip_multi2="" # 4th IP of the jail
and similar for IPv6?
(multi might not be the best suffix)
Something along those lines?
Ruslan, what do you think about something like that? We could have
that for HEAD and 7 just now and add the _multi<N> support with the
multi-IP jail patches? Could you and Ruben work together to build
this?
I think this is a good idea. My workaround with routes
I mentioned doesn't actually work, so currently we use
a version from HEAD on our production servers, and the
modified version of ezjail port that supports netmasks.
Sounds like a plan then. Thanks a lot.
/bz
--
Bjoern A. Zeeb Stop bit received. Insert coin for new game.
_______________________________________________
[email protected] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-jail
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
