Hello, I have a FreeBSD server with 2 network interfaces: the external one has one public IP and the internal one has one internal IP.
This server also has one jail which shares the public IP with the host system and another jail which shares the internal IP with the host system.
The host system has a PF firewall and will be the gateway (and NAT) for the internal network.
I need to block all traffic from the jail with the public IP to the internal network and the jail with the internal IP.
How can I do this? Maybe I should give the "internal" jail another internal IP and try to block connections to the interface with PF, but I think traffic from one jail to another doesn't go through the interface, so it can't be blocked with PF?
Thanks.