Better than delegating the jail network restrictions to the host (less coupling) Requires IPFW because iocage won't work with pf.
Better than delegating the jail network restrictions to the host (less coupling)
Requires IPFW because iocage won't work with pf.