{"id":118,"date":"2011-03-31T01:12:02","date_gmt":"2011-03-30T23:12:02","guid":{"rendered":"http:\/\/prout-prout.net\/blog\/?p=118"},"modified":"2013-08-01T18:41:13","modified_gmt":"2013-08-01T16:41:13","slug":"jails","status":"publish","type":"post","link":"https:\/\/xn--jrme-bpa1e.net\/blog\/post\/118\/jails\/","title":{"rendered":"Jails"},"content":{"rendered":"<p><code><br \/>\ncd \/usr\/src<br \/>\nmake build world<\/code><\/p>\n<p>+ Configurer ezjail-admin<br \/>\n<code><br \/>\ncd \/usr\/ports\/sysutils\/ezjail &amp;&amp; make install clean<br \/>\necho 'ezjail_enable=\"YES\"' &gt;&gt; \/etc\/rc.conf.local<br \/>\n<\/code><\/p>\n<p>+ Ajouter \/etc\/pf.conf\u00a0:<\/p>\n<p>echo &lsquo;nat on em0 from lo1:network to any -&gt; (em0)&rsquo; &gt;&gt; \/etc\/pf.conf<\/p>\n<p>+ Ajouter dans \/etc\/rc.conf :<br \/>\n<code><br \/>\necho 'pf_enable=\"YES\"' &gt;&gt;\u00a0\/etc\/rc.conf<br \/>\necho 'pf_rules=\"\/etc\/pf.conf\"' &gt;&gt;\u00a0\/etc\/rc.conf<br \/>\necho 'pflog_enable=\"YES\"' &gt;&gt;\u00a0\/etc\/rc.conf<br \/>\necho 'cloned_interfaces=\"lo1\"' &gt;&gt;\u00a0\/etc\/rc.conf<br \/>\necho 'ifconfig_lo1=\"inet 10.0.1.254 netmask 255.255.255.0\"' &gt;&gt;\u00a0\/etc\/rc.conf<br \/>\n<\/code><br \/>\n+ Ajouter dans \/usr\/local\/etc\/ezjail.conf :<br \/>\n<code><br \/>\nezjail_use_zfs=\"YES\"<br \/>\nezjail_jaildir=\"\/mnt\/storage\/jails\"<br \/>\nezjail_jailzfs=\"storage\/jails\"<br \/>\n<\/code><\/p>\n<p>+ Executer :<br \/>\n<code><br \/>\nezjail-admin update -p -i<br \/>\ncp \/etc\/resolv.conf \/mnt\/storage\/jails\/newjail<br \/>\nifconfig lo1 create<br \/>\n\/etc\/rc.d\/pf start<br \/>\n\/etc\/rc.d\/pflog start<br \/>\npfctl -d<br \/>\npfctl -e -f \/etc\/pf.conf<br \/>\n<\/code><\/p>\n<p>+ Cr\u00e9er une mail :<br \/>\n<code><br \/>\nzfs create storage\/jail\/my_jail<br \/>\nifconfig\u00a0lo1 inet 10.0.1.1 netmask 255.255.255.0 alias<br \/>\necho 'ifconfig_lo1_alias0=\"inet 10.0.1.1 netmask 255.255.255.0\"' &gt;&gt; \/etc\/rc.conf<br \/>\nezjail-admin create my_jail\u00a010.0.1.1<br \/>\n<\/code><\/p>\n<p>&nbsp;<\/p>\n<p>+ Si on veut avoir que la jail puisse communiquer vers l&rsquo;ext\u00e9rieur :<br \/>\n<code><br \/>\nsysctl security.jail.allow_raw_sockets=1<br \/>\n<\/code><\/p>\n<p>de mani\u00e8re permanente :<br \/>\n<code><br \/>\necho 'security.jail.allow_raw_sockets=1' &gt;&gt; \/etc\/sysctl.conf<br \/>\n<\/code><\/p>\n<p>&nbsp;<\/p>\n<p><a href=\"http:\/\/blog.burghardt.pl\/2009\/01\/multiple-freebsd-jails-sharing-one-ip-address\">http:\/\/blog.burghardt.pl\/2009\/01\/multiple-freebsd-jails-sharing-one-ip-address<\/a><br \/>\n<a href=\"http:\/\/www.siteduzero.com\/tutoriel-3-273288-la-prison.html\">http:\/\/www.siteduzero.com\/tutoriel-3-273288-la-prison.html<\/a><\/p>\n<p>&nbsp;<\/p>\n","protected":false},"excerpt":{"rendered":"<p>cd \/usr\/src make build world + Configurer ezjail-admin cd \/usr\/ports\/sysutils\/ezjail &amp;&amp; make install clean echo &lsquo;ezjail_enable=\u00a0\u00bbYES\u00a0\u00bb&lsquo; &gt;&gt; \/etc\/rc.conf.local + Ajouter \/etc\/pf.conf\u00a0: echo &lsquo;nat on em0 from lo1:network to any -&gt; (em0)&rsquo; &gt;&gt; \/etc\/pf.conf + Ajouter dans \/etc\/rc.conf : echo &lsquo;pf_enable=\u00a0\u00bbYES\u00a0\u00bb&lsquo; &hellip; <a href=\"https:\/\/xn--jrme-bpa1e.net\/blog\/post\/118\/jails\/\">Continuer la lecture <span class=\"meta-nav\">&rarr;<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[6],"tags":[],"class_list":["post-118","post","type-post","status-publish","format-standard","hentry","category-freebsd"],"_links":{"self":[{"href":"https:\/\/xn--jrme-bpa1e.net\/blog\/wp-json\/wp\/v2\/posts\/118","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/xn--jrme-bpa1e.net\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/xn--jrme-bpa1e.net\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/xn--jrme-bpa1e.net\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/xn--jrme-bpa1e.net\/blog\/wp-json\/wp\/v2\/comments?post=118"}],"version-history":[{"count":30,"href":"https:\/\/xn--jrme-bpa1e.net\/blog\/wp-json\/wp\/v2\/posts\/118\/revisions"}],"predecessor-version":[{"id":136,"href":"https:\/\/xn--jrme-bpa1e.net\/blog\/wp-json\/wp\/v2\/posts\/118\/revisions\/136"}],"wp:attachment":[{"href":"https:\/\/xn--jrme-bpa1e.net\/blog\/wp-json\/wp\/v2\/media?parent=118"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/xn--jrme-bpa1e.net\/blog\/wp-json\/wp\/v2\/categories?post=118"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/xn--jrme-bpa1e.net\/blog\/wp-json\/wp\/v2\/tags?post=118"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}