Easy and lightweight jails with BastilleBSD
HowTo create jails with Bastille
TL;DR of https://github.com/BastilleBSD/bastille/
install bastille
Bastille is under very active development, so make sure you switch pkg to the latest repository
vim /etc/pkg/FreeBSD.conf
FreeBSD: {
  url: "pkg+http://pkg.FreeBSD.org/${ABI}/latest",
  mirror_type: "srv",
  signature_type: "fingerprints",
  fingerprints: "/usr/share/keys/pkg",
  enabled: yes
}
enable bastille
sysrc bastille_enable=YES
create virtual network bridge
sysrc cloned_interfaces+=lo1
sysrc ifconfig_lo1_name="bastille0"
service netif cloneup
edit /etc/pf.conf (add the lines without #)
ext_if="em0"
set block-policy return
scrub in on $ext_if all fragment reassemble
set skip on lo
table <jails> persist
nat on $ext_if from <jails> to any -> ($ext_if)
block in all
pass out quick modulate state
antispoof for $ext_if inet
pass in inet proto tcp from any to any port ssh flags S/SA keep state
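A check to run on the edited file before loading it, added here as an example (it is not from the original post or the Bastille project). It confirms that the lines above are active rather than still commented out, and that "block in all" does not come after the ssh pass rule; check_pf_conf and write_sample are hypothetical helper names, and the sample is the ruleset shown above.

```sh
# Added example, not from the original page. check_pf_conf and write_sample
# are hypothetical helper names; the sample ruleset is the one shown above.

# Print one line per problem; succeed only when the ruleset has none.
check_pf_conf() {
    problems=0
    # Drop comments and blank lines: a rule still prefixed with '#' is inactive.
    rules=$(sed -e 's/#.*//' -e '/^[[:space:]]*$/d' "$1")
    need() {  # need <description> <extended regex>
        printf '%s\n' "$rules" | grep -Eq "$2" && return 0
        echo "missing: $1"; problems=$((problems + 1))
    }
    block_re='^[[:space:]]*block[[:space:]]+in[[:space:]]+all'
    ssh_re='^[[:space:]]*pass[[:space:]]+in[[:space:]].*port[[:space:]]+(ssh|22)([[:space:]]|$)'
    need 'ext_if macro'          '^[[:space:]]*ext_if[[:space:]]*='
    need 'table <jails> persist' '^[[:space:]]*table[[:space:]]+<jails>[[:space:]]+persist'
    need 'nat rule for <jails>'  '^[[:space:]]*nat[[:space:]]+on[[:space:]]+[^[:space:]]+[[:space:]]+from[[:space:]]+<jails>'
    need 'block in all'          "$block_re"
    need 'inbound ssh pass rule' "$ssh_re"
    # pf applies the last matching rule (absent "quick"), so a "block in all"
    # placed after the ssh pass rule would cut off remote access.
    block_ln=$(printf '%s\n' "$rules" | grep -En "$block_re" | tail -n 1 | cut -d: -f1)
    ssh_ln=$(printf '%s\n' "$rules" | grep -En "$ssh_re" | tail -n 1 | cut -d: -f1)
    if [ -n "$block_ln" ] && [ -n "$ssh_ln" ] && [ "$block_ln" -gt "$ssh_ln" ]; then
        echo 'order: "block in all" follows the ssh pass rule'
        problems=$((problems + 1))
    fi
    [ "$problems" -eq 0 ]
}

# The ruleset from this page, used as sample input.
write_sample() {
    cat <<'EOF'
ext_if="em0"
set block-policy return
scrub in on $ext_if all fragment reassemble
set skip on lo
table <jails> persist
nat on $ext_if from <jails> to any -> ($ext_if)
block in all
pass out quick modulate state
antispoof for $ext_if inet
pass in inet proto tcp from any to any port ssh flags S/SA keep state
EOF
}

tmp=$(mktemp) && write_sample > "$tmp"
check_pf_conf "$tmp" && echo "pf.conf has everything the steps above add"
rm -f "$tmp"
```

On the host, call check_pf_conf /etc/pf.conf instead of the sample. The check only looks for these lines and their order; pfctl -nf /etc/pf.conf parses the file for syntax errors without loading it.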
add ZFS support (check zpool with “zpool list”)
sysrc -f /usr/local/etc/bastille/bastille.conf bastille_zfs_enable=YES
sysrc -f /usr/local/etc/bastille/bastille.conf bastille_zfs_zpool=zroot
bootstrap and create jail
bastille bootstrap 12.2-RELEASE
bastille create testjail 12.2-RELEASE 192.168.0.50
bastille start testjail
install packages and login
bastille pkg testjail install vim-console tmux
bastille console testjail