Hello everyone.
I've got a FreeBSD machine with a couple of jails with private IPs. I've got an external IP, traffic through which is redirected to the respective jails. The pf configuration looks as follows:
Code:
EXT_IF="em0"
JAIL_IF="lo1"
#IP_PUB="37.59.3.82"
#IP_PUB="87.98.233.200"
IP_PUB="87.98.238.135"
IP_MAIL="192.168.1.10"
IP_WWW="192.168.1.11"
IP_DB="192.168.1.12"
IP_DNS="192.168.1.13"
IP_JABBER="192.168.1.14"
IP_IRCD="192.168.1.15"
IP_USERS="192.168.1.16"
NET_JAIL="192.168.1.0/24"
PORT_WWW="{80,443,8000}"
PORT_MAIL="{25,465,995,110,993,143}"
PORT_DNS="{53}"
PORT_USERS="{22}"
PORT_IRCD="{6665,6666,6667,6668,6601,6697,7002,7029}"
scrub in all
# nat all jail traffic
nat pass on $EXT_IF from $NET_JAIL to any -> $IP_PUB
# WWW
rdr pass on $EXT_IF proto tcp from any to $IP_PUB port $PORT_WWW -> $IP_WWW
# MAIL
rdr pass on $EXT_IF proto tcp from any to $IP_PUB port $PORT_MAIL -> $IP_MAIL
# DNS
rdr pass on $EXT_IF proto tcp from any to $IP_PUB port $PORT_DNS -> $IP_DNS
rdr pass on $EXT_IF proto udp from any to $IP_PUB port $PORT_DNS -> $IP_DNS
# USERS
rdr pass on $EXT_IF proto tcp from any to $IP_PUB port $PORT_USERS -> $IP_USERS
# IRCD
rdr pass on $EXT_IF proto tcp from any to $IP_PUB port $PORT_IRCD -> $IP_IRCD
#block in on $EXT_IF proto tcp from ns365054.ovh.net to any
#block in on $EXT_IF proto udp from ns365054.ovh.net to any
# demo only, passing all traffic
pass out
pass in
What I'd like to do is connect from jails to other jails through the public IP. Is it possible to achieve this in some reasonable way (the jails are on a cloned loopback interface)?