Skip to content

Thanksgiving 2019

Pre-release
Pre-release
Compare
Choose a tag to compare
@cedwards cedwards released this 28 Nov 16:24
· 869 commits to master since this release
0.5.20191128
29565b2
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.

Changelog

This is a minor bug-fix release that improves the reliability of containers when using loopback-based networking. It also adds some safeguards against invalid network configurations and other minor cosmetic improvements.

Firewall Update

This introduces a change to the pf.conf firewall configuration. Bastille also changes the way it manages entries in the firewall to go along with this. It is important, if upgrading, to update the firewall as follows:

Step 1:

## /etc/pf.conf
+ table <jails> persist
+ nat on $ext_if from <jails> to any -> ($ext_if)
- nat on $ext_if from bastille0:network to any -> ($ext_if)

Step 2:
Reload the firewall rules:

pfctl -vf /etc/pf.conf

Step 3:
Restart running containers:

bastille restart ALL

All public documentation has been updated to reflect this new method. This avoids a reported issue and ensures firewall state is retained.

Assets 2
Loading