Added Configs
This commit is contained in:
commit
919c3c1ac5
GPG key ID:
484DAC952787FA13
2 changed files with 79 additions and 0 deletions
40
pf.conf
Normal file
40
pf.conf
Normal file
|
|
@ -0,0 +1,40 @@
|
||||||
|
table <jails> persist
|
||||||
|
|
||||||
|
ext_if = "em0" # macro for external interface - use tun0 for PPPoE
|
||||||
|
int_if = "bridge0" # macro for internal interface
|
||||||
|
localnet = $int_if:network
|
||||||
|
nat on $ext_if from $localnet to any -> ($ext_if)
|
||||||
|
nat on wg0 from $localnet to any -> (wg0)
|
||||||
|
|
||||||
|
rdr-anchor "rdr/*"
|
||||||
|
|
||||||
|
## Manually Redirect to Jail
|
||||||
|
# Grafana
|
||||||
|
rdr pass on em0 inet proto tcp from any to any port = 3000 -> 192.168.200.51 port 3000
|
||||||
|
rdr pass on wg0 inet proto tcp from any to any port = 3000 -> 192.168.200.51 port 3000
|
||||||
|
|
||||||
|
# CouchDB
|
||||||
|
rdr pass on em0 inet proto tcp from any to any port = 5984 -> 192.168.200.52 port 5984
|
||||||
|
rdr pass on wg0 inet proto tcp from any to any port = 5984 -> 192.168.200.52 port 5984
|
||||||
|
|
||||||
|
# Hosting
|
||||||
|
# SSH
|
||||||
|
rdr pass on em0 inet proto tcp from any to any port = 2024 -> 192.168.200.53 port 22
|
||||||
|
rdr pass on wg0 inet proto tcp from any to any port = 2024 -> 192.168.200.53 port 22
|
||||||
|
# Web
|
||||||
|
rdr pass on em0 inet proto tcp from any to any port = 8081 -> 192.168.200.53 port 8081
|
||||||
|
rdr pass on wg0 inet proto tcp from any to any port = 8081 -> 192.168.200.53 port 8081
|
||||||
|
# MariaDB
|
||||||
|
rdr pass on em0 inet proto tcp from any to any port = 3306 -> 192.168.200.53 port 3306
|
||||||
|
rdr pass on wg0 inet proto tcp from any to any port = 3306 -> 192.168.200.53 port 3306
|
||||||
|
# Webmin
|
||||||
|
rdr pass on em0 inet proto tcp from any to any port = 10000 -> 192.168.200.53 port 10000
|
||||||
|
rdr pass on wg0 inet proto tcp from any to any port = 10000 -> 192.168.200.53 port 10000
|
||||||
|
|
||||||
|
# MQTT
|
||||||
|
rdr pass on em0 inet proto tcp from any to any port = 1883 -> 192.168.200.54 port 1883
|
||||||
|
rdr pass on wg0 inet proto tcp from any to any port = 1883 -> 192.168.200.54 port 1883
|
||||||
|
|
||||||
|
# Uptime-Kuma
|
||||||
|
rdr pass on em0 inet proto tcp from any to any port = 3001 -> 192.168.200.55 port 3001
|
||||||
|
rdr pass on wg0 inet proto tcp from any to any port = 3001 -> 192.168.200.55 port 3001
|
||||||
39
rc.conf
Normal file
39
rc.conf
Normal file
|
|
@ -0,0 +1,39 @@
|
||||||
|
clear_tmp_enable="YES"
|
||||||
|
hostname="FTIK-FreeBSD-Server"
|
||||||
|
sshd_enable="YES"
|
||||||
|
moused_enable="YES"
|
||||||
|
ntpd_enable="YES"
|
||||||
|
ntpd_sync_on_start="YES"
|
||||||
|
powerd_enable="YES"
|
||||||
|
# Set dumpdev to "AUTO" to enable crash dumps, "NO" to disable
|
||||||
|
dumpdev="AUTO"
|
||||||
|
zfs_enable="YES"
|
||||||
|
|
||||||
|
gateway_enable="YES"
|
||||||
|
|
||||||
|
# Ethernet
|
||||||
|
ifconfig_em0="DHCP"
|
||||||
|
|
||||||
|
# Wireguard
|
||||||
|
wireguard_enable="YES"
|
||||||
|
wireguard_interfaces="wg0"
|
||||||
|
|
||||||
|
# Firewall
|
||||||
|
pf_enable=yes
|
||||||
|
pf_rules="/etc/pf.conf"
|
||||||
|
pflog_enable=yes
|
||||||
|
|
||||||
|
# Bridge
|
||||||
|
cloned_interfaces="bridge0"
|
||||||
|
ifconfig_bridge0="inet 192.168.200.1 netmask 255.255.255.0"
|
||||||
|
|
||||||
|
# Bastille
|
||||||
|
bastille_enable="YES"
|
||||||
|
bastille_list="couchdb grafana hosting mqtt"
|
||||||
|
|
||||||
|
# Linux Jail
|
||||||
|
linux_enable="YES"
|
||||||
|
kld_list="nvidia"
|
||||||
|
|
||||||
|
# TTY
|
||||||
|
allscreens_flags="-f 8x16"
|
||||||
Loading…
Reference in a new issue