BastilleBSD/bastille
2
0
Fork 0
Code Pull Requests Actions Packages Releases Activity

Fixes #338 Network access on jail startup

Browse Source
This commit is contained in:
Julien Dessaux
2021-06-09 17:15:37 +02:00
parent b85d6347de
commit 1a522cb3a8
1 changed files with 2 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
usr/local/share/bastille/start.sh
View File

@@ -83,6 +83,8 @@ for _jail in ${JAILS}; do
error_notify "Error: IP address (${ip}) already in use." error_notify "Error: IP address (${ip}) already in use."
continue continue
fi fi
## add ip4.addr to firewall table:jails
pfctl -q -t jails -T add "${ip}"
fi fi
## start the container ## start the container
@@ -102,13 +104,6 @@ for _jail in ${JAILS}; do
bastille rdr "${_jail}" ${_rules} bastille rdr "${_jail}" ${_rules}
done < "${bastille_jailsdir}/${_jail}/rdr.conf" done < "${bastille_jailsdir}/${_jail}/rdr.conf"
fi fi
## add ip4.addr to firewall table:jails
if [ -n "${bastille_network_loopback}" ]; then
if grep -qw "interface.*=.*${bastille_network_loopback}" "${bastille_jailsdir}/${_jail}/jail.conf"; then
pfctl -q -t jails -T add "$(jls -j ${_jail} ip4.addr)"
fi
fi
fi fi
echo echo
done done