# wtap 備份 ## install a jail from an ISO ```bash export DESTDIR=/usr/jail/net80211_0 sudo mkdir -p $DESTDIR ``` Mount the install media on `/mnt`(change `cdimage.iso` to your ISO). ```bash sudo mount -t cd9660 /dev/`mdconfig -f cdimage.iso` /mnt cd /mnt/usr/freebsd-dist/ ``` Install just the base system. ```bash tar -xf base.txz -C $DESTDIR ``` Also install the tarball to `/usr/jail/net80211_1`. ## configuration for jail Copy jng (jng stands for "Jail Netgraph", which is a shell script for creating netgraph in jail) to `/usr/sbin`. ```bash sudo cp -v /usr/src/share/examples/jails/jng /usr/sbin/ ``` ### creating `devfs.rules` Create `/etc/devfs.rules` and open it in text editor: ```bash [devfsrules_jail_net80211=5] add include $devfsrules_hide_all add include $devfsrules_unhide_basic add include $devfsrules_unhide_login add path 'tun*' unhide ``` Save and close file. ### configure `jail.conf` Append the following config in `/etc/jail.conf`: ```bash net80211_0 { host.hostname = "net80211_0"; # hostname path = "/usr/jail/net80211_0"; # root directory exec.clean; exec.system_user = "root"; exec.jail_user = "root"; # ########################################################################## # netgraph/vnet config info # ng0 is my vnet # em0 is my physical network interface connected to the LAN (use ifconfig) # jng is located in /usr/sbin/ # net80211_0 is my jail name # ########################################################################## vnet; vnet.interface = "wlan0"; # vnet interface(s) exec.prestart += "jng bridge net80211_0 bridge0"; # bridge interface(s) exec.poststop += "jng shutdown net80211_0"; # destroy interface(s) # Standard stuff exec.start += "/bin/sh /etc/rc"; exec.stop = "/bin/sh /etc/rc.shutdown"; exec.consolelog = "/var/log/jail_net80211_0_console.log"; mount.devfs; #mount devfs allow.raw_sockets; #allow ping-pong devfs_ruleset=5; #devfs ruleset for this jail mount.devfs; } ``` Also add net80211_1 with some fields modified. Save and close the file.