Merge pull request #394 from adyxax/network-access-on-startup

Fixes #338 Network access on jail startup
2025-12-25 05:20:44 +01:00 · 2021-07-04 08:48:59 -06:00
parent ada9352e1f 1a522cb3a8
commit 9f8b2514b3
1 changed files with 2 additions and 7 deletions
--- a/usr/local/share/bastille/start.sh
+++ b/usr/local/share/bastille/start.sh
@@ -83,6 +83,8 @@ for _jail in ${JAILS}; do
                error_notify "Error: IP address (${ip}) already in use."
                continue
            fi
+            ## add ip4.addr to firewall table:jails
+            pfctl -q -t jails -T add "${ip}"
        fi

        ## start the container
@@ -102,13 +104,6 @@ for _jail in ${JAILS}; do
                bastille rdr "${_jail}" ${_rules}
            done < "${bastille_jailsdir}/${_jail}/rdr.conf"
        fi
-
-        ## add ip4.addr to firewall table:jails
-        if [ -n "${bastille_network_loopback}" ]; then
-            if grep -qw "interface.*=.*${bastille_network_loopback}" "${bastille_jailsdir}/${_jail}/jail.conf"; then
-                pfctl -q -t jails -T add "$(jls -j ${_jail} ip4.addr)"
-            fi
-        fi
    fi
    echo
 done