On Mon, 2007-07-02 at 12:43 -0500, Matt Simerson wrote: > The problem I have with this arrangement is when a jail attempts to > connect to the public IP of another jails, the connection fails. So, > a client running in one jail can't send email to my mail server > running in another jail.
You can try keeping up-to-date version of /etc/hosts with hostnames of public services pointing to you 127.0.0.2+ IPs. It's dirty, but at least keeps your pf.conf clean as much as possible. It works for me and it should for you if you dont move services around a lot. Then it requires lots of recursive changes in each jail if you move some service from one IP to another. _______________________________________________ [email protected] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-security To unsubscribe, send any mail to "[EMAIL PROTECTED]"
