In Progress

Write ipfw rules for FreeBSD host and vnet jail servers

Write ipfw rules for FreeBSD host and vnet jail servers :

Web --- Router ---- em0 Host vswitch0 ------------- zjail00 (Mongrel2 server)

| |------- zjail01 (Brubeck web python framework)

| |------- zjail02 (Mongo DB)

|

|vswitch1 ------------- zjail10 (Mongrel2 server)

|------- zjail11 (Special Application)

|------- zjail12 (Mongo DB)

Inputs :

001) Existing host & jail /etc/[url removed, login to view] and all information requested

002) Network architecture (as above)

Implementation requirements / constraints :

010) FreeBSD 9.1 full ZFS

020) jails being zfs jails using zjails ([url removed, login to view])

030) ipfw, dummynet

040) ipban

050) ZeroMQ IPC

Functional requirements :

100) secured firewalling for the services above

101) zjail00 supports HTTP, HTTPS, SSH, file download for installation on any os client

102) zjail0x shall don't know zjail1x ip addresses

103) feed fail2ban

104) dummynet optimisations

110) MongoDB master/slave replication with QoS

120) Access to zjail1x from a white list provided by zjail01

121) IPC between a white listed web client to zjail11

Contractual condition :

200) Provide a ipfw example that provides access to the web from a vnet zjail. Say, on host, nic=em0, ip=[url removed, login to view], gateway=192.168.99.1, vswitch2 ip=[url removed, login to view], jail ip=10.7.100.2/24, jail default router=[url removed, login to view]

201) Provide FreeBSD / ipfw / dummynet / jails records

Remarks :
1) zjail or jail or ezjail or any jail is not important for you and the same on a firewall point of view. I just detailed for context information.
2) This is a starter in a SaaS project. Other tasks will be submitted.

Skills: Web Security

See more: freebsd vnet, ipc freebsd ipfw, wiki services, python web framework, master security, python download file, net framework architecture, mongodb net, mongodb c++, download file python, zfs, write p, rules, qos, Python network, NIC, mongo, jail, freebsd, fail2ban, gateway ssh server, ssh net, ssh python, jails freebsd, web ssh client

About the Employer:
( 0 reviews ) Toulouse, France

Project ID: #4480356

1 freelancer is bidding on average €94 for this job

nknk

I am an experienced Linux system administrator and server setup and optimization expert. . I will perform the setup, tuning and provide further support of the project for you. I'm available online in Yahoo!/GTalk/MSN a More

€94 EUR in 5 days
(26 Reviews)
5.0