Hello,

Can i I run pf inside the jail[ ]?

I am trying to use pf inside of the jail, but it doens't doesn't load up.

i I have enabled pf in jail rc.conf.

Question goes, is this even possible ?

- Folivora

AFAIK, Only if you use VIMAGE
Otherwise no.

Sorry I don't know the details about VIMAGE

Thanks,

I just noticed that jail doesn't have it's its own kernel.


- Folivora

You normally use the firewall that's running on the host. But as killasmurf86 noted, you may be able to use VIMAGE. Not sure if it would work with PF, I haven't tried it myself.

I think It works with ipfw only (there was some discussion about this on mailing list)