Mirrors/BastilleBSD_bastille
1
0
Fork 1
mirror of https://github.com/BastilleBSD/bastille.git synced 2025-12-11 17:39:52 +01:00
Code Issues Packages Projects Releases Wiki Activity

Update README

Browse Source
This commit is contained in:
pc
2020-02-01 16:12:20 +00:00
parent e408254448
commit fe16a25cee
1 changed files with 6 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
README.md
View File

@@ -159,21 +159,24 @@ container at `10.17.89.45`.
Finally, enable and (re)start the firewall:
## dynamic rdr anchor (see below)
rdr-anchor "rdr/*"
## dynamic rdr
The `rdr-anchor "rdr/*"` anables dynamic rdr rules to be setup using the
The `rdr-anchor "rdr/*"` enables dynamic rdr rules to be setup using the
`bastille rdr` command at runtime - eg.
```
bastille rdr <jail> --tcp 2001 22 # Redirects tcp port 2001 on host to 22 on jail
bastille rdr <jail> --udp 2053 53 # Same for udp
bastille rdr <jail> --list # List dynamic rdr rules
bastille rdr <jail> --clear # Clear dynamic rdr rules
```
Note that if you are rediirecting ports where the host is also listening
(eg. ssh) you should make sure that the host service is not listening on
the cloned interface - eg. for ssh set sshd_flags in rc.conf
## Enable pf rules
```shell
ishmael ~ # sysrc pf_enable="YES"
ishmael ~ # service pf restart