NAT – A jail that is accessible from network without port forwarding

Tags: freebsd, ip, jail, nat, pf

I am using FreeBSD 7.1 and on my server I have two different jails: one for the database and a second one for the game server. What I need to know is whether it is possible to assign the game server's jail to a public IP so I do not need to forward every port I need?

At the moment I'm using PF (Packet Filter) to do NAT for the jails and to forward ports to all kinds of services I'm running in the game server's jail. The problem is that it seems that PF is doing something nasty with the packets I redirect to the game jail, and players can log in but they can't do anything else (the game server is separated into a few subservers, each handling a different map in the game). I've tried running the game server on a virtualized FreeBSD on my computer and everything worked. The only difference between the OS on my home machine and the server is just Packet Filter. So I want to test everything on the server without PF, but it is impossible, as the game server runs in a jail and it won't work without NAT and port redirection. On #freebsd (freenode) some guys told me that it is actually possible to have my jail "share" the public IP with the host system without port forwarding.

The question is: is it? If yes, how?

Thanks for the response!

Best Answer

Yes. Set jail_xxx_ip="1.2.3.4" in rc.conf

Note: This doesn't bypass pf; you must still allow it (assuming it defaults to deny).

Reference: FreeBSD Handbook: Creating and Controlling Jails
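
The two pieces the answer describes, shown together as an added example (not part of the original answer): the jail bound directly to the public address in rc.conf, and the pf filter rules that still have to admit its traffic under a default-deny policy. The jail name `game`, its root directory and hostname, the interface `em0` and the port numbers are assumptions made for illustration; `1.2.3.4` is the placeholder address from the answer.

```conf
# /etc/rc.conf (host)
# Jail name "game", rootdir and hostname are hypothetical.
jail_enable="YES"
jail_list="game"
jail_game_rootdir="/usr/jails/game"
jail_game_hostname="game.example.org"
jail_game_ip="1.2.3.4"        # public address; must be configured on a host interface
jail_game_devfs_enable="YES"

# /etc/pf.conf (host)
# Interface name and port numbers are constructed placeholders.
ext_if   = "em0"
jail_ip  = "1.2.3.4"
game_tcp = "{ 7777, 7778 }"   # list every TCP port the game's subservers listen on
game_udp = "{ 7777, 7778 }"   # same for UDP, if the game uses it

# No nat or rdr rules for this jail: it answers on the public address itself,
# so packets reach its sockets without being rewritten.

# Default deny on the external interface. The host's own pass rules
# (for example, for remote administration) are omitted here.
block in log on $ext_if all

# Inbound traffic to the jail's services only.
pass in on $ext_if inet proto tcp from any to $jail_ip port $game_tcp keep state
pass in on $ext_if inet proto udp from any to $jail_ip port $game_udp keep state

# Connections the jail initiates.
pass out on $ext_if inet from $jail_ip to any keep state
```

`pfctl -nf /etc/pf.conf` parses the ruleset without loading it, which catches syntax errors before the running rules are replaced with `pfctl -f /etc/pf.conf`.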