Reaction score: 152
This is a server in my home. I have a router from my ISP which also functions as a DHCP.
I connect to my server from a windows computer in my LAN via ssh and webmin, and I also access the box itself via the command line.
I have forwarded a few ports to my server, so it can be reached from the outside.
I don't see why you would need NAT to set up jails. NAT is done on the perimeter of your network for the entire internal network. As for the login attempts, your search would start by taking a look at which ports exactly you forwarded on your router. If there is no need for you to login from the outside, then don't forward port 22. For the web server to be reachable from the outside, it should be sufficient to forward ports 80 and/or 443. Generally it's not advisable to forward any traffic from the outside before your machine is ready to go 'live'.However, I needed to add NAT, because I needed to use jails. I am in healthcare, which is a very regulated industry.
As it is, without the Pf I keep getting login attempts from 126.96.36.199. I would like to block those.