Create Jail, Networking and NAT

Create Classic Jails

Step 1: Enable the Jail Feature

Make sure the jail service is enabled on your FreeBSD host. Check /etc/rc.conf for the jail_enable setting; if it is not there, add it:

echo 'jail_enable="YES"' >> /etc/rc.conf

Step 2: Create a Directory for the Jail

Create a directory where the jail's filesystem will reside. This is typically done in /usr/jails.

mkdir -p /usr/jails/website

Step 3: Install the Base System

You need to populate the jail directory with a FreeBSD base system. Download the base.txz distribution set for your release with fetch and extract it into the jail directory with tar.

mkdir -p /usr/jails/website
mkdir -p /usr/jails/media
fetch https://download.freebsd.org/ftp/releases/amd64/amd64/14.2-RELEASE/base.txz -o /usr/jails/media/14.2-RELEASE-base.txz
tar -xf /usr/jails/media/14.2-RELEASE-base.txz -C /usr/jails/website --unlink

Step 4: Copy Important Files & Update

cp /etc/resolv.conf /usr/jails/website/etc/resolv.conf
cp /etc/localtime /usr/jails/website/etc/localtime
freebsd-update -b /usr/jails/website fetch install

Step 5: Create Network interface for Jail

sysrc cloned_interfaces+="lo1"

Step 6: Configure the Jail in /etc/jail.conf:

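website {
    path = "/usr/jails/website";
    sysvshm = "new";                   # Private SysV shared memory namespace for this jail
    host.hostname = "website.local";
    ip4.addr = "lo1|10.10.10.100/24";  # Assign an IP from your jail network
    allow.raw_sockets;                 # Jail root may open raw sockets (ping, traceroute)
    allow.socket_af;                   # Permits protocol families beyond IPv4/IPv6/local/route
    allow.mount;                       # Jail root may mount jail-friendly filesystem types
    mount.devfs;
    devfs_ruleset = 111;               # Ruleset 111 must be defined in /etc/devfs.rules (not shown on this page)
    exec.clean;                        # Run commands in a clean environment
    exec.start = "/bin/sh /etc/rc";
    exec.stop = "/bin/sh /etc/rc.shutdown";
}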

Step 7: Reboot

Reboot the host so that the cloned lo1 interface from Step 5 exists before the jail starts.

reboot

Step 8: Start the Jail

jail -c website

Now you should have a jail with networking.
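
The jail block in Step 6 grants three allow.* permissions that widen what root inside the jail can do. As an added example (not part of the original guide), the shell function below lists such parameters per jail in a jail.conf-style file so they can be reviewed before the jail is started; the function name audit_jail_conf, the list of flagged parameters and the sample file are assumptions made for this illustration.

```sh
#!/bin/sh
# Added example (not from the original page): list jail.conf parameters that
# widen what root inside a jail may do. Handles "name {" on its own line,
# ";"-separated parameters and "#" comments (the layout used in Step 6).
# audit_jail_conf FILE: prints "jail<TAB>parameter<TAB>note" per finding;
# returns 1 if anything was flagged, 0 otherwise.
audit_jail_conf() {
    awk '
    BEGIN {
        note["allow.raw_sockets"] = "raw sockets available to jail root (ping, traceroute)"
        note["allow.socket_af"]   = "protocol families beyond IPv4/IPv6/local/route allowed"
        note["allow.mount"]       = "jail root may mount jail-friendly filesystem types"
    }
    { sub(/#.*/, "") }                          # drop "#" comments
    /^[ \t]*[A-Za-z0-9_.-]+[ \t]*\{/ {          # "name {" opens a jail block
        jail = $1; sub(/\{.*/, "", jail); next
    }
    index($0, "}") { jail = ""; next }          # "}" closes the block
    jail != "" {
        n = split($0, stmt, ";")
        for (i = 1; i <= n; i++) {
            s = stmt[i]; gsub(/^[ \t]+|[ \t]+$/, "", s)
            k = split(s, kv, /[ \t]*=[ \t]*/)   # bare "param;" means enabled
            val = (k > 1) ? kv[2] : "1"; gsub(/"/, "", val)
            if ((kv[1] in note) && val != "0" && val != "false") {
                print jail "\t" kv[1] "\t" note[kv[1]]; bad = 1
            }
        }
    }
    END { exit bad + 0 }
    ' "$1"
}

# Constructed sample: a shortened copy of the Step 6 block in a temp file.
sample=$(mktemp)
cat > "$sample" <<'EOF'
website {
    path = "/usr/jails/website";
    ip4.addr = "lo1|10.10.10.100/24";  # Assign an IP from your jail network
    allow.raw_sockets;
    allow.socket_af;
    allow.mount;
    mount.devfs;
}
EOF
audit_jail_conf "$sample" || echo "review the parameters listed above"
rm -f "$sample"
```

On the host, point it at the real file with audit_jail_conf /etc/jail.conf and remove any flagged parameter that the service inside the jail does not need.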