1 2The below 4 samples require a VIMAGE enabled kernel: 3 4 # (as root) 5 $ cp VIMAGE /usr/src/sys/amd64/conf/ 6 $ cd /usr/src 7 $ make KERNCONF=VIMAGE kernel 8 $ reboot 9 10FreeBSD 12 has VIMAGE enabled in GENERIC on amd64. 11In that case, for jng simply load the ng_ether module first 12(ng_bridge and ng_eiface will load on demand): 13 14 # (as root) 15 # Load the ng_ether module at boot: 16 $ sysrc kld_list+=ng_ether 17 # Load ng_ether at once without rebooting: 18 $ kldload ng_ether 19 20Sample 1: jail.conf(5) 21 22 $ cp jib jng /usr/sbin/ 23 $ cat jail.xxx.conf >> /etc/jail.conf 24 $ vi /etc/jail.conf 25 # NB: Customize root directory and bridge interface 26 $ sysrc jail_enable=YES 27 # NB: Assumes jail_list="" (meaning ``all jails in jail.conf'') 28 # NB: Assumes rc_conf_files="" (``below rc.conf(5) samples not used'') 29 $ service jail start 30 31Sample 2: rc.conf(5) 32 33 $ cp jib jng /usr/sbin/ 34 $ cp rc.conf.jails /etc/ 35 $ vi /etc/rc.conf.jails 36 # NB: Customize root directory and bridge interface 37 $ sysrc rc_conf_files+=/etc/rc.conf.jails 38 # NB: Assumes /etc/jail.conf does not exist and jail_list="" 39 $ service jail start 40 41Sample 3: Per-jail jail.conf(5) 42 43 $ cp jib jng /usr/sbin/ 44 $ cp jail.xxx.conf /etc/ 45 $ vi /etc/jail.xxx.conf 46 # NB: Customize root directory and bridge interface 47 $ sysrc jail_enable=YES 48 $ sysrc jail_list+=xxx 49 # NB: Assumes rc_conf_files="" 50 $ service jail start 51 52Sample 4: Per-jail rc.conf(5) 53 54 $ cp jib jng /usr/sbin/ 55 $ cp rcjail.xxx.conf /etc/ 56 $ vi /etc/rcjail.xxx.conf 57 # NB: Customize root directory and bridge interface 58 $ sysrc jail_enable=YES 59 $ sysrc jail_list+=xxx 60 $ sysrc rc_conf_files+=/etc/rcjail.xxx.conf 61 # NB: Assumes neither /etc/jail.conf nor /etc/jail.xxx.conf exist 62 $ service jail start 63 64For additional recipes, see share/examples/netgraph for 65making and hooking together jails using netgraph as the 66virtual networking fabric. 67