Hi:
Created jails with a single public IP in a VPS to separate the services. There are two problems. <public_static_IP> quoted below is the public static IP provided by VPS provider:
- When I try to assign a static IP (by changing the
Code:
ifconfig_em0="inet <public_static_IP>/24"
However, when I change that to DHCP
Code:
ifconfig_em0="DHCP"
- With DHCP option enabled as above, the jails cannot reach the internet (tried with both ezjail and qjail).
In /etc/rc.conf, I added for jails:
Code:
ipv4_addrs_lo1="192.168.59.1-9/29"
In /etc/pf.conf:
Code:
PUB_IP="<public_static_IP>"
WWW_JAIL="192.168.59.3"
NET_JAIL="192.168.59.0/24"
PORT_JAIL="{80,443,2022}"
scrub in all
nat pass on em0 from $NET_JAIL to any -> $PUB_IP
rdr pass on em0 proto tcp from any to $PUB_IP port $PORT_JAIL -> $WWW_JAIL
Although I have made necessary changes in /etc/ssh/sshd_config of the $WWW_JAIL and sshd daemon is started:
Code:
Port 2022
ListenAddress 192.168.59.3
PermitRootLogin yes
The jails cannot reach the Internet, nor can I ssh to the jails using port 2022.
#pfctl -sn
Code:
nat pass on re0 inet from 192.168.59.0/24 to any -> <public_static_IP>
rdr pass on re0 inet proto tcp from any to 192.168.53.40 port = http -> 192.168.59.3
rdr pass on re0 inet proto tcp from any to 192.168.53.40 port = https -> 192.168.59.3
rdr pass on re0 inet proto tcp from any to 192.168.53.40 port = down -> 192.168.59.3
Any suggestions to overcome this problem? Thanks!
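
An added example, not part of the original post: a small sh/awk check that compares `pfctl -sn` output with the values intended in /etc/pf.conf (interface, public address, jail network) and lists every place the loaded rules differ. The function name `check_pf_nat` and the address 203.0.113.10 standing in for `<public_static_IP>` are assumptions; the sample rules are constructed from the output quoted above.

```shell
#!/bin/sh
# Compare loaded pf translation rules (pfctl -sn output on stdin) with the
# values intended in pf.conf. Prints one line per mismatch, nothing if clean.
# usage: pfctl -sn | check_pf_nat <iface> <public_ip> <jail_net>
check_pf_nat() {
    awk -v ifc="$1" -v pub="$2" -v net="$3" '
    $1 != "nat" && $1 != "rdr" { next }
    {
        # pick out the interface, source and destination tokens of the rule
        for (i = 1; i < NF; i++) {
            if ($i == "on")   rif = $(i + 1)
            if ($i == "from") src = $(i + 1)
            if ($i == "to")   dst = $(i + 1)
        }
        if (rif != ifc)
            printf "line %d: %s rule bound to %s, expected %s\n", NR, $1, rif, ifc
        if ($1 == "nat" && src != net)
            printf "line %d: nat source %s, expected %s\n", NR, src, net
        # an rdr rule only fires for packets addressed to this destination
        if ($1 == "rdr" && dst != pub)
            printf "line %d: rdr matches destination %s, expected %s\n", NR, dst, pub
    }'
}

# Constructed sample: the pfctl -sn output from the post, with the masked
# public address replaced by the placeholder 203.0.113.10.
SAMPLE_RULES='nat pass on re0 inet from 192.168.59.0/24 to any -> 203.0.113.10
rdr pass on re0 inet proto tcp from any to 192.168.53.40 port = http -> 192.168.59.3
rdr pass on re0 inet proto tcp from any to 192.168.53.40 port = https -> 192.168.59.3
rdr pass on re0 inet proto tcp from any to 192.168.53.40 port = down -> 192.168.59.3'

# Values taken from the posted pf.conf: em0, $PUB_IP, $NET_JAIL.
printf '%s\n' "$SAMPLE_RULES" | check_pf_nat em0 203.0.113.10 192.168.59.0/24
```

On a live host the input would come from `pfctl -sn` directly, and the interface and address arguments from `ifconfig` output.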