Native ipfilter isn't something that's going to happen any time soon. If you need this, you'll have to use KVM.
-- Brian Bennett Systems Engineer, Cloud Operations Joyent, Inc. | www.joyent.com <http://www.joyent.com/> > On Oct 6, 2017, at 1:27 PM, Rob Seastrom <[email protected]> wrote: > > Hi folks, > > I suspect that most people who run host firewalls on LX zones are doing it > from Triton, but for those of us running LX zones under non-SDC SmartOS, it > can be appealing to get native ipfilter running from inside the zone, out of > systemd <cough>, so it can be managed by one's automation system of choice. > > After some playing around earlier this week I managed to get this running > satisfactorily, so am passing along a link to the writeup in the hopes that > it will be useful to others. > > https://technotes.seastrom.com/2017/10/05/smartos-lx-firewall.html > > cheers, > > -r >
smime.p7s
Description: S/MIME cryptographic signature
------------------------------------------- smartos-discuss Archives: https://www.listbox.com/member/archive/184463/=now RSS Feed: https://www.listbox.com/member/archive/rss/184463/25769125-55cfbc00 Modify Your Subscription: https://www.listbox.com/member/?member_id=25769125&id_secret=25769125-7688e9fb Powered by Listbox: http://www.listbox.com
