Mirrors/hackacad
2
0
Fork 0
mirror of https://github.com/hackacad/bastille.git synced 2025-12-17 15:50:11 +01:00
Code Issues Packages Projects Releases Wiki Activity

Resolve reviews

Browse Source
This commit is contained in:
tschettervictor
2025-05-21 18:06:35 -06:00
committed by GitHub
parent 84b1c785fd
commit ec32a2c17d
1 changed files with 8 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
docs/chapters/networking.rst
View File

@@ -4,25 +4,25 @@ Networking
Host Network Configuration Host Network Configuration
-------------------------- --------------------------
Bastille will automatically add and remove IP addressess to specified interfaces Bastille will automatically add and remove IP addresses to specified interfaces
as jails are started and stopped. Below is an outline of how Bastille handles as jails are started and stopped. Below is an outline of how Bastille handles
different types of jail network configs. different types of jail network configurations.
* VNET mode. For VNET jails (non-bridged) bastille will create a bridge * VNET mode: For VNET jails (``-V``) Bastille will create a bridge
interface and attach your jail to it. It will be called ``em0bridge`` or interface and attach your jail to it. It will be called ``em0bridge`` or
whatever your interface is called. This will be used for the host/jail epairs. whatever your interface is called. This will be used for the host/jail epairs.
Bastille will create/destroy these epairs as the jail is started/stopped. Bastille will create/destroy these epairs as the jail is started/stopped.
* Bridged VNET mode. For bridged VNET jails, you must manually create a bridge * Bridged VNET mode: For bridged VNET jails (``-B``) you must manually create a bridge
interface to attach your jail to. Bastille will then create and attach the interface to attach your jail to. Bastille will then create and attach the
host/jail epairs to this interface when the jail starts, and remove them when host/jail epairs to this interface when the jail starts, and remove them when
it stops. it stops.
* Alias mode. For classic/standard jails that use an IP that is accessible * Alias mode: For classic/standard jails that use an IP that is accessible
within your local subnet (alias mode) bastille will add the IP to the within your local subnet (alias mode) bastille will add the IP to the
specified interface as an alias. specified interface as an alias.
* NAT mode. For classic/standard jails that use an IP not reachable in you local * NAT mode: For classic/standard jails that use an IP not reachable in you local
subnet, bastille will add the IP to the specified interface as an alias, and subnet, bastille will add the IP to the specified interface as an alias, and
additionally add it the the pf firewall table to allow the jail outbound additionally add it the the pf firewall table to allow the jail outbound
access. If you do not specify an interface, Bastille will assume you have run access. If you do not specify an interface, Bastille will assume you have run
@@ -30,11 +30,11 @@ different types of jail network configs.
is created using the setup command) as it's interface. If you have not run is created using the setup command) as it's interface. If you have not run
``bastille setup`` and do not specify an interface, Bastille will error. ``bastille setup`` and do not specify an interface, Bastille will error.
* Inherit mode. For classic/standard jails that are set to ``inherit`` or * Inherit mode: For classic/standard jails that are set to ``inherit`` or
``ip_hostname``, bastille will simply set ``ip4`` to ``inherit`` inside the ``ip_hostname``, bastille will simply set ``ip4`` to ``inherit`` inside the
jail config. The jail will then function according the jail(8) documentation. jail config. The jail will then function according the jail(8) documentation.
* ip_hostname mode. For classic/standard jails that are set to ``ip_hostname``, * ip_hostname mode: For classic/standard jails that are set to ``ip_hostname``,
bastille will simply set ``ip4`` to ``ip_hostname`` inside the jail config. bastille will simply set ``ip4`` to ``ip_hostname`` inside the jail config.
The jail will then function according the jail(8) documentation. The jail will then function according the jail(8) documentation.