[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [ezjail] Multiple IP's



Günther Van der Eecken wrote:
> You can use a trick for this. My jails always get a private ip like
> 172.16.0.x, with ipnat I make whatever I like available to the public.
> 
> An example:
> 
> map net0 172.16.0.0/24 -> 0/32 proxy port 21 ftp/tcp
> map net0 172.16.0.0/24 -> 0/32 portmap tcp/udp auto
> rdr net0 213.123.123.100/32 port 3306 -> 172.16.0.190 port 3306
> rdr net0 213.123.123.101/32 port 3306 -> 172.16.0.190 port 3307
> rdr net0 213.123.123.102/32 port 3306 -> 172.16.0.190 port 3308

Maybe a useful tip for that kind of setup:

Using a renamed loopback interface for that and putting the jail-ipaddr.
onto that interface keeps private ipaddrs. from your real interface:

e.g.

cloned_interfaces="lo1"
ifconfig_lo1_name="jailif0"
ipv4_addrs_jailif0="10.23.23.1-4/32"

# ifconfig jailif0
jailif0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 16384
        inet 10.23.23.1 netmask 0xffffffff
        inet 10.23.23.2 netmask 0xffffffff
        inet 10.23.23.3 netmask 0xffffffff
        inet 10.23.23.4 netmask 0xffffffff

greetings,
cryx