BastilleBSD/bastille
2
0
Fork 0
Code Pull Requests Actions Packages Releases Activity

Merge pull request #60 from cedwards/docs_update

Browse Source 
updating network documentation with seeded IP
This commit is contained in:
Christer Edwards
2019-11-20 19:51:11 -07:00
committed by GitHub
parent 1fd259e34b 19c5796920
commit 03186aefa2
1 changed files with 4 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
README.md
View File

@@ -75,7 +75,9 @@ First, create the loopback interface:
```shell ```shell
ishmael ~ # sysrc cloned_interfaces+=lo1 ishmael ~ # sysrc cloned_interfaces+=lo1
ishmael ~ # sysrc ifconfig_lo1_name="bastille0"
ishmael ~ # service netif cloneup ishmael ~ # service netif cloneup
ishmael ~ # ifconfig bastille0 inet 10.17.89.10
``` ```
Second, enable the firewall: Second, enable the firewall:
@@ -95,7 +97,7 @@ set block-policy drop
scrub in on $ext_if all fragment reassemble scrub in on $ext_if all fragment reassemble
set skip on lo set skip on lo
nat on $ext_if from lo1:network to any -> ($ext_if) nat on $ext_if from bastille0:network to any -> ($ext_if)
## rdr example ## rdr example
## rdr pass inet proto tcp from any to any port {80, 443} -> 10.17.89.45 ## rdr pass inet proto tcp from any to any port {80, 443} -> 10.17.89.45
@@ -113,7 +115,7 @@ out.
Note: if you have an existing firewall, the key lines for in/out traffic to jails are: Note: if you have an existing firewall, the key lines for in/out traffic to jails are:
``` ```
nat on $ext_if from lo1:network to any -> ($ext_if) nat on $ext_if from bastille0:network to any -> ($ext_if)
## rdr example ## rdr example
## rdr pass inet proto tcp from any to any port {80, 443} -> 10.17.89.45 ## rdr pass inet proto tcp from any to any port {80, 443} -> 10.17.89.45