Hello. On 2016-06-25T18:13:18 -0600 Alan Somers <asom...@freebsd.org> wrote:
> On Sat, Jun 25, 2016 at 4:05 PM, <org.freebsd.secur...@io7m.com> wrote: > > I'm not using vnet jails. I'm actually just trying to get filtering of > > outbound traffic (see the other mail I sent to this list a few seconds > > before you responded). > > Based on my experience, I highly recommend vnet jails if you want > outbound filtering. It's much simpler than trying to filter outbound > traffic from shared-IP jails. I'm trying to look at vnet jails, but they still seem to be mostly undocumented and not entirely supported. Lots of fairly recent posts online regarding panics in day-to-day use. Using them in production seems risky. Is there something I should be looking at in particular? When you say shared-IP jails, what exactly are you referring to? I'm not sure what's shared in this case; I have one public IP (it's a VPS) but individual jails are on their own private loopback addresses. M _______________________________________________ freebsd-net@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-net To unsubscribe, send any mail to "freebsd-net-unsubscr...@freebsd.org"
