- Add the following to /etc/rc.conf inside the VIMAGE jail:
# IPFW firewall
firewall_enable="YES"
firewall_type="open"
The available firewall types are:
- open: passes all traffic.
- client: protects only this machine.
- simple: protects the whole network.
- closed: entirely disables IP traffic except for the loopback interface.
- workstation: protects only this machine using stateful rules.
- UNKNOWN: disables the loading of firewall rules.
- filename: full path of the file containing the firewall ruleset.
If firewall_type is set to either client or simple, modify the default rules found in /etc/rc.firewall to fit the configuration of the system.
Note that the filename type is used to load a custom ruleset.
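As an added example (not part of the original post), the shell functions below read an rc.conf file without sourcing it and report which of the firewall types listed above is in effect, flagging open and UNKNOWN. The helper names rc_get and fw_audit are hypothetical; treating an unset firewall_type as UNKNOWN and accepting TRUE/ON/1 for firewall_enable are assumptions about the rc defaults.

```sh
#!/bin/sh
# Added example (not from the original post). rc_get and fw_audit are
# hypothetical helper names, not FreeBSD tools.

# Print the last value assigned to variable $2 in rc.conf-style file $1.
# The file is parsed, not sourced; the last assignment wins as in sh.
rc_get() {
    sed -n "s/^[[:space:]]*$2=//p" "$1" | tail -n 1 |
        sed -e 's/[[:space:]]*#.*$//' -e 's/[[:space:]]*$//' \
            -e 's/^"\(.*\)"$/\1/' -e "s/^'\(.*\)'\$/\1/"
}

# Print a one-line verdict for the firewall settings in rc.conf file $1.
fw_audit() {
    enable=$(rc_get "$1" firewall_enable | tr 'A-Z' 'a-z')
    ftype=$(rc_get "$1" firewall_type)
    case $enable in
        yes|true|on|1) ;;
        *) echo "FAIL: firewall_enable is not set to YES"; return 0 ;;
    esac
    # Compare the type case-insensitively; keep $ftype as written for paths.
    case $(printf '%s' "$ftype" | tr 'A-Z' 'a-z') in
        open)        echo "WARN: open passes all traffic" ;;
        client|workstation) echo "OK: $ftype protects only this machine" ;;
        simple)      echo "OK: simple protects the whole network" ;;
        closed)      echo "OK: closed allows loopback traffic only" ;;
        ""|unknown)  echo "WARN: no firewall rules are loaded" ;;
        /*) if [ -r "$ftype" ]; then echo "OK: custom ruleset $ftype"
            else echo "FAIL: ruleset file $ftype is not readable"; fi ;;
        *)  echo "FAIL: unrecognised firewall_type $ftype" ;;
    esac
}

# Constructed sample: the rc.conf lines from the post, in a scratch file.
demo() {
    tmp=$(mktemp -d) || return 1
    printf '%s\n' '# IPFW firewall' 'firewall_enable="YES"' \
        'firewall_type="open"' > "$tmp/rc.conf"
    fw_audit "$tmp/rc.conf"
    rm -rf "$tmp"
}
demo
```

Inside the jail, point it at the real file with `fw_audit /etc/rc.conf`.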
Update: I only got the IPFW firewall working in the jail after enabling it on the host as well.
References:
- https://forums.freebsd.org/threads/49561/
- https://www.freebsd.org/doc/handbook/firewalls-ipfw.html