Dear friends,
I configured Bastille and it works well,
but there is another problem which I don't know how to handle.
Internet > Firewall > VMware > FreeBSD > BastilleOS
How can I configure BastilleOS to access the Internet?
I want to access the Internet from my BastilleOS.
and
How can I configure FreeBSD PF to NAT to BastilleOS from the Internet?
Here is my configuration:
Code:
ext_if="em0"
set block-policy return
scrub in on $ext_if all fragment reassemble
set skip on lo
table <jails> persist
nat on $ext_if from <jails> to any -> ($ext_if)
## static rdr example
# rdr pass inet proto tcp from any to any port {80, 443} -> 10.17.89.45
## Enable dynamic rdr (see below)
rdr-anchor "rdr/*"
block in all
pass out quick modulate state
antispoof for $ext_if inet
pass in inet proto tcp from any to any port ssh flags S/SA keep state
## make sure you also open up ports that you are going to use for dynamic rdr
# pass in inet proto tcp from any to any port <rdr-start>:<rdr-end> flags S/SA keep state
# pass in inet proto udp from any to any port <rdr-start>:<rdr-end> flags S/SA keep state