I'm stuck with setting up a working network connection for a jail running on a host in Qemu.
I'm running Qemu on macOS.
After days of trying I feel like my head is spinning and I somewhat lost my way. So please forgive me for any gibberish in this post.
Here is what I've come up with:
Qemu assigns the internal IP 10.0.2.15 to the guest system (i.e. FreeBSD 13.1)
FreeBSD is up and running (as Qemu guest) and I can ssh and I have full network pkg install/update.
But I cannot access any outside sites from within the jails. I.e., I can't ping or pkg update from within a jail.
After having tried a lot of different configuration options my head is spinning.
Maybe someone can help.
/etc/pf.conf
Code:
EXT_IF="vtnet0"
# PUB_IP is default IP address assigned by Qemu to (FreeBSD) guest:
PUB_IP="10.0.2.15"
JAIL_NET="10.66.66.0/24"
scrub in all
nat pass on $EXT_IF from $JAIL_NET to any -> $PUB_IP
/etc/rc.conf
Code:
hostname="build-freebsd"
# default router is default gateway provided by Qemu
defaultrouter="10.0.2.2"
ifconfig_em0="DHCP"
ifconfig_vtnet0="inet 10.66.66.15 netmask 0xffffffff"
jail_enable="YES"
# Create cloned interface for Jails
cloned_interfaces="lo1";
gateway_enable="YES"
pf_enable="YES"
pflog_enable="YES"
pflog_logfile="/var/log/pflog"
# Jails GW starting at 10.66.66.15
ifconfig_lo1="inet 10.66.66.15 netmask 255.255.255.0"
# jail aliases
# setting up host only network
ifconfig_lo1_alias0="inet 10.0.2.16 netmask 255.255.255.255"
# Non-jail stuff
growfs_enable="YES"
sshd_enable="YES"
dumpdev="AUTO"
zfs_enable="YES"
/etc/jail.conf
Code:
exec.start = "/bin/sh /etc/rc";
exec.stop = "/bin/sh /etc/rc.shutdown";
interface = "lo1";
exec.clean;
mount.devfs;
allow.raw_sockets=1;
enforce_statfs=0;
allow.mount;
allow.mount.nullfs;
allow.mount.tmpfs;
allow.mount.devfs;
allow.mount.procfs;
allow.mount.zfs;
allow.chflags;
# for postgresql
sysvmsg=new;
sysvsem=new;
sysvshm=new;
path = "/usr/local/jails/${name}";
ip4.addr = 10.66.66.$ip;
host.hostname = "${name}";
cms-www {
$ip = 16;
}
db-pgql {
$ip = 17;
}
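One way to cross-check the nat rule in the posted /etc/pf.conf against the interface addresses in the posted /etc/rc.conf. This is an added example, not part of the original post; the function names are hypothetical and the parser only handles the simple forms that appear in the two files above. It reports where the two files disagree, not which line is at fault.

```python
import ipaddress
import re
# Constructed sample input: the relevant lines of the post's pf.conf and rc.conf.
PF_CONF = """EXT_IF="vtnet0"
PUB_IP="10.0.2.15"
JAIL_NET="10.66.66.0/24"
nat pass on $EXT_IF from $JAIL_NET to any -> $PUB_IP
"""
RC_CONF = """ifconfig_em0="DHCP"
ifconfig_vtnet0="inet 10.66.66.15 netmask 0xffffffff"
ifconfig_lo1="inet 10.66.66.15 netmask 255.255.255.0"
ifconfig_lo1_alias0="inet 10.0.2.16 netmask 255.255.255.255"
"""

def parse_pf_nat(text):
    """Expand pf macros; return (interface, source net, translation address) of the first nat rule."""
    macros = dict(re.findall(r'^(\w+)\s*=\s*"([^"]*)"', text, re.M))
    expanded = re.sub(r"\$(\w+)", lambda m: macros.get(m.group(1), m.group(0)), text)
    rule = re.search(r"^nat(?: pass)? on (\S+) from (\S+) to \S+ -> (\S+)", expanded, re.M)
    if rule is None:
        raise ValueError("no nat rule found")
    return rule.group(1), ipaddress.ip_network(rule.group(2)), rule.group(3)

def parse_rc_ifconfig(text):
    """Map interface name -> list of configured IPv4 addresses ('DHCP' for dynamic)."""
    config = {}
    for iface, value in re.findall(r'^ifconfig_([a-z]+\d+)(?:_alias\d+)?="([^"]*)"', text, re.M):
        inet = re.search(r"\binet (\d+\.\d+\.\d+\.\d+)", value)
        if inet or "DHCP" in value.upper():
            config.setdefault(iface, []).append(inet.group(1) if inet else "DHCP")
    return config

def check(pf_text, rc_text):
    """Return (code, detail) findings where the nat rule and rc.conf disagree."""
    iface, jail_net, xlate = parse_pf_nat(pf_text)
    rc = parse_rc_ifconfig(rc_text)
    own = rc.get(iface, [])
    findings = []
    if "DHCP" not in own and xlate not in own:
        findings.append(("xlate-not-on-iface", f"{iface} has {own}, rule translates to {xlate}"))
    for addr in (a for a in own if a != "DHCP"):
        if ipaddress.ip_address(addr) in jail_net:
            findings.append(("ext-addr-in-jail-net", f"{addr} on {iface} is inside {jail_net}"))
        for other, addrs in rc.items():
            if other != iface and addr in addrs:
                findings.append(("duplicate-addr", f"{addr} is on both {iface} and {other}"))
    return findings

if __name__ == "__main__":
    print(check(PF_CONF, RC_CONF))
```
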