FreeBSD does support Multi-IPv4/v6/no-IP jail and it was merged to STABLE release. You need to rebuild your kernel including jls(8) and to use the new features jail(8), jexec(8) and cpuset(1) with a new kernel. Another option is get FreeBSD 7.2 (RC1 or above) using cvsup, just do make buildworld. Here is what you need to put in /etc/rc.conf file for Multi-IPv4/v6/no-IP jail configuration for httpd jail (note there are 3 ips defined):
jail_enable="YES"Save and close the file. Restart jail service:
jail_list="httpd"
jail_httpd_rootdir="/iscsi/httpd" # jail's root directory
jail_httpd_hostname="web01.cyberciti.com" # jail's hostname
jail_httpd_ip="10.24.55.106,74.86.48.99,2607:f0d0:1002:11::4" # jail's multi IPs address
jail_smtpd_devfs_enable="YES" # mount devfs in the jail
jail_smtpd_devfs_ruleset="devfsrules_jail" # devfs ruleset to apply to jail
# /etc/rc.d/jail restartTo verify multiple IP, enter:
# jls -vSample output:
JID Hostname PathFrom the man page:
Name State
CPUSetID
IP Address(es)
2 web01.cyberciti.com /iscsi/httpd
ALIVE
2
10.24.55.106
74.86.48.99
2607:f0d0:1002:11::4
jail_httpd_ip is used to set to the primary IPv4 and/or IPv6 addresses assigned to the jail. The argument can be a sole address or a comma separated list of addresses. Additionally each address can be prefixed by the name of an interface followed by a pipe to overwrite jail__interface or jail_interface and/or suffixed by a netmask, prefixlen or prefix. In case no netmask, prefixlen or prefix is given, /32 will be used for IPv4 and /128 will be used for an IPv6 address. If no address is given for the jail then the jail will be started with no networking support.
No comments:
Post a Comment