diff --git a/docs/chapters/networking.rst b/docs/chapters/networking.rst index 61739e67..7ee3eecc 100644 --- a/docs/chapters/networking.rst +++ b/docs/chapters/networking.rst @@ -4,25 +4,25 @@ Networking Host Network Configuration -------------------------- -Bastille will automatically add and remove IP addressess to specified interfaces +Bastille will automatically add and remove IP addresses to specified interfaces as jails are started and stopped. Below is an outline of how Bastille handles -different types of jail network configs. +different types of jail network configurations. -* VNET mode. For VNET jails (non-bridged) bastille will create a bridge +* VNET mode: For VNET jails (``-V``) Bastille will create a bridge interface and attach your jail to it. It will be called ``em0bridge`` or whatever your interface is called. This will be used for the host/jail epairs. Bastille will create/destroy these epairs as the jail is started/stopped. -* Bridged VNET mode. For bridged VNET jails, you must manually create a bridge +* Bridged VNET mode: For bridged VNET jails (``-B``) you must manually create a bridge interface to attach your jail to. Bastille will then create and attach the host/jail epairs to this interface when the jail starts, and remove them when it stops. -* Alias mode. For classic/standard jails that use an IP that is accessible +* Alias mode: For classic/standard jails that use an IP that is accessible within your local subnet (alias mode) bastille will add the IP to the specified interface as an alias. -* NAT mode. For classic/standard jails that use an IP not reachable in you local +* NAT mode: For classic/standard jails that use an IP not reachable in you local subnet, bastille will add the IP to the specified interface as an alias, and additionally add it the the pf firewall table to allow the jail outbound access. If you do not specify an interface, Bastille will assume you have run @@ -30,11 +30,11 @@ different types of jail network configs. is created using the setup command) as it's interface. If you have not run ``bastille setup`` and do not specify an interface, Bastille will error. -* Inherit mode. For classic/standard jails that are set to ``inherit`` or +* Inherit mode: For classic/standard jails that are set to ``inherit`` or ``ip_hostname``, bastille will simply set ``ip4`` to ``inherit`` inside the jail config. The jail will then function according the jail(8) documentation. -* ip_hostname mode. For classic/standard jails that are set to ``ip_hostname``, +* ip_hostname mode: For classic/standard jails that are set to ``ip_hostname``, bastille will simply set ``ip4`` to ``ip_hostname`` inside the jail config. The jail will then function according the jail(8) documentation.