Skip to content

Commit

Permalink
Merge pull request #75 from cedwards/firewall
Browse files Browse the repository at this point in the history
0.5.20191128 release
  • Loading branch information
cedwards authored Nov 28, 2019
2 parents 90c0c1d + 8414865 commit 29565b2
Show file tree
Hide file tree
Showing 6 changed files with 51 additions and 12 deletions.
21 changes: 21 additions & 0 deletions Makefile
Original file line number Diff line number Diff line change
@@ -0,0 +1,21 @@
.PHONY: install
install:
@echo "Installing Bastille"
@echo
@cp -av usr /
@echo
@echo "This method is for testing / development."

.PHONY: uninstall
uninstall:
@echo "Removing Bastille command"
@rm -vf /usr/local/bin/bastille
@echo
@echo "Removing Bastille sub-commands"
@rm -rvf /usr/local/share/bastille
@echo
@echo "removing configuration file"
@rm -rvf /usr/local/etc/bastille
@echo
@echo "removing startup script"
@rm -vf /usr/local/etc/rc.d/bastille
12 changes: 8 additions & 4 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -21,12 +21,18 @@ portsnap fetch auto
make -C /usr/ports/sysutils/bastille install clean
```

**Git**
```shell
git clone https://github.com/BastilleBSD/bastille.git
cd bastille
make install
```

**enable at boot**
```shell
sysrc bastille_enable=YES
```


Basic Usage
-----------
```shell
Expand Down Expand Up @@ -64,12 +70,10 @@ Use "bastille command -h|--help" for more information about a command.

```
## 0.5-beta
This document outlines the basic usage of the Bastille container management
framework. This release is still considered beta.
Network Requirements
====================
Several networking options can be performed regarding the user needs. Basic
Expand Down Expand Up @@ -106,8 +110,8 @@ ext_if="vtnet0"
set block-policy return
scrub in on $ext_if all fragment reassemble
set skip on lo
table <jails> persist
nat on $ext_if from <jails> to any -> ($ext_if)
Expand Down
16 changes: 15 additions & 1 deletion docs/chapters/installation.rst
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,7 @@ Bastille is available in the official FreeBSD ports tree at
`sysutils/bastille`. Binary packages available in `quarterly` and `latest`
repositories.

Current version is `0.5.20191125`.
Current version is `0.5.20191128`.

To install from the FreeBSD package repository:

Expand All @@ -28,3 +28,17 @@ ports
.. code-block:: shell
make -C /usr/ports/sysutils/bastille install clean
GIT
---

.. code-block:: shell
git clone https://github.com/BastilleBSD/bastille.git
cd bastille
make install
This method will install the latest files from GitHub directly onto your
system. It is verbose about the files it installs (for later removal), and also
has a `make uninstall` target.
8 changes: 4 additions & 4 deletions docs/chapters/networking.rst
Original file line number Diff line number Diff line change
Expand Up @@ -81,7 +81,6 @@ First, create the loopback interface:
ishmael ~ # sysrc cloned_interfaces+=lo1
ishmael ~ # sysrc ifconfig_lo1_name="bastille0"
ishmael ~ # service netif cloneup
ishmael ~ # ifconfig bastille0 inet 10.17.89.10
Second, enable the firewall:

Expand All @@ -99,9 +98,10 @@ Create the firewall rules:
set block-policy return
scrub in on $ext_if all fragment reassemble
set skip on lo
nat on $ext_if from bastille0:network to any -> ($ext_if)
table <jails> persist
nat on $ext_if from <jails> to any -> ($ext_if)
## rdr example
## rdr pass inet proto tcp from any to any port {80, 443} -> 10.17.89.45
Expand All @@ -119,7 +119,7 @@ to containers are:

.. code-block:: shell
nat on $ext_if from bastille0:network to any -> ($ext_if)
nat on $ext_if from <jails> to any -> ($ext_if)
## rdr example
## rdr pass inet proto tcp from any to any port {80, 443} -> 10.17.89.45
Expand Down
4 changes: 2 additions & 2 deletions docs/conf.py
Original file line number Diff line number Diff line change
Expand Up @@ -12,9 +12,9 @@
author = 'Christer Edwards'

# The short X.Y version
version = '0.5.20191125'
version = '0.5.20191128'
# The full version, including alpha/beta/rc tags
release = '0.5.20191125-beta'
release = '0.5.20191128-beta'


# -- General configuration ---------------------------------------------------
Expand Down
2 changes: 1 addition & 1 deletion usr/local/bin/bastille
Original file line number Diff line number Diff line change
Expand Up @@ -69,7 +69,7 @@ bastille_perms_check
. /usr/local/etc/bastille/bastille.conf

## version
BASTILLE_VERSION="0.5.20191125"
BASTILLE_VERSION="0.5.20191128"

usage() {
cat << EOF
Expand Down

0 comments on commit 29565b2

Please sign in to comment.