Mirrors/BastilleBSD_bastille
1
0
Fork 1
mirror of https://github.com/BastilleBSD/bastille.git synced 2025-12-11 01:19:52 +01:00
Code Issues Packages Projects Releases Wiki Activity

updating network documentation with seeded IP

Browse Source
This commit is contained in:
Christer Edwards
2019-11-20 19:49:39 -07:00
parent 2439ebd25e
commit 19c5796920
1 changed files with 4 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
README.md
View File

@@ -71,7 +71,9 @@ First, create the loopback interface:
```shell
ishmael ~ # sysrc cloned_interfaces+=lo1
ishmael ~ # sysrc ifconfig_lo1_name="bastille0"
ishmael ~ # service netif cloneup
ishmael ~ # ifconfig bastille0 inet 10.17.89.10
```
Second, enable the firewall:
@@ -91,7 +93,7 @@ set block-policy drop
scrub in on $ext_if all fragment reassemble
set skip on lo
nat on $ext_if from lo1:network to any -> ($ext_if)
nat on $ext_if from bastille0:network to any -> ($ext_if)
## rdr example
## rdr pass inet proto tcp from any to any port {80, 443} -> 10.17.89.45
@@ -109,7 +111,7 @@ out.
Note: if you have an existing firewall, the key lines for in/out traffic to jails are:
```
nat on $ext_if from lo1:network to any -> ($ext_if)
nat on $ext_if from bastille0:network to any -> ($ext_if)
## rdr example
## rdr pass inet proto tcp from any to any port {80, 443} -> 10.17.89.45