Firewall

Status
Not open for further replies.

uutzinger

Dabbler
Joined
Nov 27, 2011
Messages
43
It appears the developers philosophy is that a NAS is supposed to be attached to a network that is protected from the world with a hardware firewall or router with ACL.

However with the availability of jails and PBIs one should reconsider this approach.

I am using apache/AjaXplorer in the jail.
I would like to expose the jail to collaborators outside my organization. The IP of those collaborators can change.

I do not control my network's ACL but I can file a request. It simplifies my work if I can request a general ACL template and control in addition details on the server's software firewall.

If the host (FreeNAS) does not have ipfw kernel module the jail will not have it either.
To my understanding that means there will be no firewall for the jail.

I am able to copy other "missing" kernel modules from FreeBSD 8.2 to /boot/kernel but ipfw.ko will not load or has dependencies I am not aware of.

Please consider making ipfw available in FreeNAS as kernel module so that it can be used in the jail.

Urs
 

uutzinger

Dabbler
Joined
Nov 27, 2011
Messages
43
To clarify:
I would like the line NANOBSD_MODULES = " ... in the nanobsd configuration file to be changed to include ipfw and libalias.
That has very little impact on the overall image size.
 
Status
Not open for further replies.
Top