Hi guys,
I've been running into an issue lately with some of my clients. I am setting up jails with NAT to allow using a single IP address. I have the following simple setup:
Code:
set limit { states 1600000, frags 400000, src-nodes 400000 }
SafeHosts="{IP1, IP2, IP3, IP4}"
ext_if="igb0"
jail_if="lo1"
IP_PUB="PUBLICIP"
set skip on { lo0, lo1 }
scrub in all
# NAT all jail traffic
nat pass on $ext_if from 192.168.0.0/24 to any -> $IP_PUB
rdr pass inet proto tcp from $SafeHosts to $ext_if port 8983 -> 192.168.0.2 port 8983
I also have the below in my rc.conf:
Code:
cloned_interfaces="lo1"
ipv4_addrs_lo1="192.168.0.1/24"
gateway_enabled="YES"
pf_enable="YES"
iocage_enable="YES"
When I boot my server, the jail with the IP address 192.168.0.2 has full internet access, but I cannot access port 8983 from outside. It will only work when I reload pf.
Any idea what is going on? Maybe I'm missing something?
Thanks