Skip to content

vgenguita/jails-configs

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

9 Commits
 
 
 
 
 
 
 
 

Repository files navigation

jails-configs

A collection of config files in order to easily deploy it on a Freebsd Jail.

dnsmasq_jail.sh

A simple adblock dns server. Simplified version of https://vlads.me/post/setting-up-dns-adblocker-freebsd-jail/

PRE INSTALL

  • csh shell (Available by default in FreeBSD)

  • wget and diff to compare files if required

    root@host:/ # pkg install wget diffutils

  • An empty or existing jail

    • Set jail mount point with JAILMOUNTPOINT variable of dnsmasq_jail.sh script. I don' t know if it would be better to pass mountpoint as an script input arg
     set JAILMOUNTPOINT = "/mnt/jails"
  • Uncoment this lines if you want to check config files difference before to copy them

     ##diff $CONFIGS/dnsmasq_rcd $JAILMOUNTPOINT/$JAIL/usr/local/etc/rc.d/dnsmasq
     ##diff $CONFIGS/dnsmasq_conf $JAILMOUNTPOINT/$JAIL/usr/local/etc/dnsmasq.conf

INSTALL

Just launch .sh script passing an existing jail name as argument

user@host:/ # ./dnsmasq_jail.sh jailName

POST INSTALL

Pass port from jail to host with pf or prefered firewall. Example for /etc/pf.conf

dns="{53}"
rdr on $ext_if proto udp from any to any port $dns-> $jail_ip

Check config on jail

user@host:/ # jexec jail
user@jail:/ # dnsmasq --test
dnsmasq: syntax check OK.

For test before launch service

On Jail

user@jail:/ # dnsmasq -d -q

On host dns query asking to jail ip

user@host:/ # drill freebsd.org @192.168.35.4
;; ->>HEADER<<- opcode: QUERY, rcode: NOERROR, id: 15521
;; flags: qr rd ra ; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0 
;; QUESTION SECTION:
;; freebsd.org.	IN	A

;; ANSWER SECTION:
freebsd.org.	3600	IN	A	96.47.72.84

;; AUTHORITY SECTION:

;; ADDITIONAL SECTION:

;; Query time: 71 msec
;; SERVER: 192.168.35.4
;; WHEN: Mon Aug  9 13:53:29 2021
;; MSG SIZE  rcvd: 45

Finally, launch dnsquery service on jail

user@host:/ # jexec jail
user@jail:/ # service dnsmasq start
Starting dnsmasq.

Releases

No releases published

Packages

No packages published

Languages