Freenas jail with pf (firewall)

Status
Not open for further replies.
l_b_

l_b_

Cadet
Joined
Aug 17, 2013
Messages
1
Hi all! I'm playing around with the new jails system in Freenas 9.1 and I'm loving it.

I want to set up a firewall in a jail to restrict access to specific services but I can't get pf to work in a jail.

This is the message I'm getting:

Code:
root@mediahub:/usr/local/etc/znc # service pf onestart
kldload: can't load pf: Operation not permitted
/etc/rc.d/pf: WARNING: Unable to load kernel module pf


I'm just getting started with FreeBSD so I don't know a whole lot about it. Is it possible to run pf in a jail on FreeNAS? If not, would this be a good candidate for a feature request?
 
C

cyberjock

Inactive Account
Joined
Mar 25, 2012
Messages
19,526
No, and the problem is that data packets in the jail has to go through FreeNAS, so you aren't providing a good security model for your server.

There isn't any way to make this a "feature request" except to run FreeNAS as a jail on pfsense, but pfsense has no jail function for similar reasons. You really should never mix security hardware/software with your other stuff.
 
Status
Not open for further replies.

Similar threads

C
  • Locked
Protecting a jail with a firewall
Replies
3
Views
4K
DearestDreamer
D
I
  • Locked
Getting /dev/pf in a jail
Replies
6
Views
2K
jgreco
jgreco
O
Firewall Upstream - Consumer Router or More Complex?
Replies
9
Views
2K
danb35
danb35
K
  • Locked
Howto install Squid / Dansguardian / PF in a jail
Replies
2
Views
2K
Ericloewe
Ericloewe
DeliveryGuy
  • Locked
Setting up a Firewall on FreeNAS
Replies
10
Views
42K
HoneyBadger
HoneyBadger
Top