jail容器里的系统有时候并不需要公开的地址,所以给它们配置内网地址即可。但是这些系统一般都有上网的需求,这时候可以使用nat进行解决。
CBSD可以配置NAT规则,只需要命令cbsd natcfg,配置好后cbsd naton启动即可:
% cbsd natcfg
Configure NAT for RFC1918 Network?
[yes(1) or no(0)]
yes
Set IP address as the aliasing NAT address, e.g: 192.168.1.2
Which NAT framework do you want to use: [pf]
(type FW name, eg pf,ipfw,ipfilter or "exit" for break)
% cbsd naton
No ALTQ support in kernel
ALTQ related functions disabled
No ALTQ support in kernel
ALTQ related functions disabled
pfctl: pf already enablednat的规则,可以在主目录/etc 下看到,比如:
root@fbhost:/usr/jails/etc # cat pfnat.conf
nat on igb0 from 10.0.0.0/8 to ! 10.0.0.0/8 -> 192.168.1.5 # // Setup by CBSD NAT
nat on igb0 from 172.16.0.0/12 to ! 172.16.0.0/12 -> 192.168.1.5 # // Setup by CBSD NAT
当然关闭直接使用cbsd natoff 命令。
标签:NAT,FreeBSD,0.0,CBSD,jail,cbsd,nat,ALTQ From: https://blog.csdn.net/skywalk8163/article/details/139871430