[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [ezjail] patch: ezjail_default_interface option

On 1/19/10 9:14 PM, Panagiotis Christias wrote:

> ezjail.conf and a "-I interface" option to ezjail-admin. Saves you the
> trouble of manually editing the config file of every newly created jail.


thanks for the patch, however, I can't accept it. I consider the auto
configuration feature from /etc/rc.d/jail short sighted, dangerous and
stupidly implemented and will not support it in ezjail. The fact alone
that it will automatically take down an ip address from my interfaces
once I set the interface-variable makes me shiver inside.

Address configuration simply does not belong in the jail startup script.
You should also consider setting up your ip address range at boot time
using the very handy ipv4_addrs variable.