IPFW VIMAGE ipfw

Currently I'm running my pf firewall on OpenBSD on a standalone machine and OpenSMTPD on OpenBSD in a KVM on SmartOS. However, I'd like to run OpenSMTPD natively without KVM, but I can't get it to build on SmartOS (Solaris). I'd like to move my firewall from a standalone to a VM, and natively with SmartOS I'd have to use ipf. No problem, except no native OpenSMTPD.

I thought I'd figured out a solution to use FreeBSD with ipfw in a VIMAGE jail and OpenSMTPD in a regular jail. This would also save me from having to use a machine with EPT which is needed for KVM on SmartOS. My other thought previously was bhyve, but it also requires EPT which I wanted to remove as a requirement.

Then last night I realized that I can install FreeBSD and the source and even compile in VIMAGE, but I won't have the latest updates because I won't have Internet access until I install the firewall.

If I install FreeBSD, build the kernel with VIMAGE, create a ipfw firewall jail, would I then download the latest source and build again, then after that, create the regular jails?

Any thoughts, ideas, comments, suggestions, or opinions would be welcome and appreciated.
 
Back
Top