diff --git a/docs/chapters/subcommands/create.rst b/docs/chapters/subcommands/create.rst index c12db4ba..0366f27a 100644 --- a/docs/chapters/subcommands/create.rst +++ b/docs/chapters/subcommands/create.rst @@ -5,24 +5,27 @@ Bastille create uses any available bootstrapped release to create a lightweight container system. To create a container simply provide a name, bootstrapped release and a private (rfc1918) IP address. -- name - release - ip - interface (optional) +The format is ``bastille create NAME RELEASE IP [INTERFACE]`` + +Note that the ``interface`` is optional. Bastille will use the default interface +that is configured when running the setup command. See ``bastille setup -l`` or +``bastille setup -s``. .. code-block:: shell - ishmael ~ # bastille create folsom 11.3-RELEASE 10.17.89.10 [interface] + ishmael ~ # bastille create folsom 11.3-RELEASE 10.17.89.10 [INTERFACE] RELEASE: 11.3-RELEASE. NAME: folsom. IP: 10.17.89.10. -This command will create a 11.3-RELEASE container assigning the 10.17.89.10 ip -address to the new system. +This command will create a 11.3-RELEASE jail, assigning the 10.17.89.10 ip +address to the new jail. .. code-block:: shell ishmael ~ # bastille create alcatraz 13.2-RELEASE 10.17.89.113/24 - The above code will create a jail with a /24 mask. At the time of this documentation you can only use CIDR notation, and not use a netmask 255.255.255.0 to accomplish this. @@ -33,7 +36,7 @@ ranges include: - 10.0.0.0/8 - 172.16.0.0/12 - 192.168.0.0/16 Bastille does its best to validate the submitted ip is valid. This has not been -thouroughly tested--I generally use the 10/8 range. +thouroughly tested. I generally use the 10/8 range. A couple of notes about the created jails. First, MOTD has been disabled inside of the jails because it does not give information about the jail, but about the @@ -45,7 +48,6 @@ version information about the host system instead of the jail. If you need to check the version of freebsd running on the jail use the freebsd-version command to get accurate information. - Bastille can create many different types of jails, along with many different options. See the below help output. diff --git a/docs/chapters/subcommands/setup.rst b/docs/chapters/subcommands/setup.rst index af43c205..009cce2d 100644 --- a/docs/chapters/subcommands/setup.rst +++ b/docs/chapters/subcommands/setup.rst @@ -30,11 +30,11 @@ when not specifying an interface with the ``create`` command. Please note. You CANNOT run both a loopback and a shared interface with Bastille. Only one should be configured. If you configure one, it will disable the other. -The loopback option is the default, and is enough for most use cases. It is simply an ``lo`` interface +The ``-l|loopback`` option is the default, and is enough for most use cases. It is simply an ``lo`` interface that jails will get linked to on creation. -The ``shared`` option is for cases where you do not want a raw interface to use with bastille as -opposed to a loopback. Jails will then be created and linked to the shared interface. +The ``-s|shared`` option is for cases where you want a raw interface to use with bastille as +opposed to a loopback. Jails will be linked to the shared interface on creation. The ``-p|pf|firewall`` option will configure the pf firewall by enabling the service and creating the default ``pf.conf`` file. Once this is done, you can use the ``rdr`` command to forward traffic into