Dear managers, thanks to Stefan Varga <Stefan_Varga@tempest.sk> Andrew Williams <snowman@ican.net> "Mike Demarco" <mdemarco@suncom.com> Crist Clark <crist.clark@globalstar.com> <peter.van.gemert@accenture.com> who all tried to help and assured me that IP FIlter on Solaris actually works. Since it did not for me inspite of all the given hints I finally decided to install Solaris 10 from scratch and voila. I was confirmed in my assumption that upgrading a machine is not a good idea. It mmight work sometimes, but it never did for me neither with MacOSX nor with Solaris. My current (successful) approach after a clean install is pico /etc/ipf/pfil.ap bge -1 0 pfil svcadm restart network/pfil pico /etc/ipf/ipf.conf <some rules> pico /etc/ipf/ipnat.conf <some rules> svcadm disable network/ipfilter svcadm enable network/ipfilter svcadm restart network/ipfilter ifconfig bge2 unplumb ifconfig bge2 plumb <address> netmask <netmask> up Now "svcs -l ipfilter" ives me want I wanted to see and the filter is doing its job. Thanks a lot! Regards, Andreas Original question: ==================================================== I have spent the whole day on trying to get IP Filter to work on a SunFire 240 with Solaris 10 (upgraded from Solaris 9). First I tried to (re)build it from source as I usually do (this failed), when I realized that Slaris 10 is coming with IP Filter (deactivated by default). I then followed the instructions on http://docs.sun.com/app/docs/doc/816-4554/6maoq023s?a=view and uncommented the bge line in /etc/ipf/pfil.ap.... _______________________________________________ sunmanagers mailing list sunmanagers@sunmanagers.org http://www.sunmanagers.org/mailman/listinfo/sunmanagersReceived on Wed Nov 9 14:55:26 2005
This archive was generated by hypermail 2.1.8 : Thu Mar 03 2016 - 06:43:52 EST