2022-10-29 02:24:32 +00:00
|
|
|
cloak {
|
2024-06-29 19:21:27 +00:00
|
|
|
path = "/jail/${name}";
|
2022-10-29 19:55:34 +00:00
|
|
|
vnet;
|
2023-04-27 20:58:06 +00:00
|
|
|
exec.prestart += "/usr/local/bin/jail_netgraph_bridge start restricted_nat jail${name} 10.215.2.1/24";
|
2024-06-30 20:18:55 +00:00
|
|
|
# Create a dummy interface that is never used, just to create the cloak bridge that is used by children.
|
|
|
|
exec.prestart += "/usr/local/bin/jail_netgraph_bridge start cloak dummy${name} 192.168.1.0/24";
|
2024-07-07 22:09:15 +00:00
|
|
|
exec.poststop += "sleep 10; /usr/local/bin/jail_netgraph_bridge stop cloak dummy{name}";
|
|
|
|
exec.poststop += "sleep 10; /usr/local/bin/jail_netgraph_bridge stop restricted_nat jail${name}";
|
2023-04-27 20:58:06 +00:00
|
|
|
vnet.interface += "jail${name}";
|
|
|
|
vnet.interface += "cloak";
|
|
|
|
|
2022-10-30 01:29:00 +00:00
|
|
|
devfs_ruleset = 13;
|
|
|
|
mount.devfs; # To expose tun device
|
2024-07-01 03:02:23 +00:00
|
|
|
mount.fstab = "/etc/fstab.${name}";
|
2022-10-29 02:24:32 +00:00
|
|
|
|
|
|
|
exec.start += "/bin/sh /etc/rc";
|
|
|
|
exec.stop = "/bin/sh /etc/rc.shutdown jail";
|
|
|
|
exec.consolelog = "/var/log/jail_${name}_console.log";
|
|
|
|
}
|