Mirrors/hackacad
2
0
Fork 0
mirror of https://github.com/hackacad/bastille.git synced 2026-01-05 20:24:09 +01:00
Code Issues Packages Projects Releases Wiki Activity

0.5.20191128 release

Browse Source
This commit is contained in:
Christer Edwards
2019-11-28 09:21:13 -07:00
parent 90c0c1d4c0
commit 8414865355
6 changed files with 51 additions and 12 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
docs/chapters/networking.rst
View File

@@ -81,7 +81,6 @@ First, create the loopback interface:
ishmael ~ # sysrc cloned_interfaces+=lo1
ishmael ~ # sysrc ifconfig_lo1_name="bastille0"
ishmael ~ # service netif cloneup
ishmael ~ # ifconfig bastille0 inet 10.17.89.10
Second, enable the firewall:
@@ -99,9 +98,10 @@ Create the firewall rules:
set block-policy return
scrub in on $ext_if all fragment reassemble
set skip on lo
nat on $ext_if from bastille0:network to any -> ($ext_if)
table <jails> persist
nat on $ext_if from <jails> to any -> ($ext_if)
## rdr example
## rdr pass inet proto tcp from any to any port {80, 443} -> 10.17.89.45
@@ -119,7 +119,7 @@ to containers are:
.. code-block:: shell
nat on $ext_if from bastille0:network to any -> ($ext_if)
nat on $ext_if from <jails> to any -> ($ext_if)
## rdr example
## rdr pass inet proto tcp from any to any port {80, 443} -> 10.17.89.45