ipfilter not working for me (Sol10U2, X2100)

Hi,

Can anyone explain why this config won't log anything whatsoever:

$ ifconfig nge0

nge0: flags=1000843<UP,BROADCAST,RUNNING,MULTICAST,IPv4> mtu 1500 index 2

inet 192.168.1.118 netmask ffffff00 broadcast 192.168.1.255

...

$ ipf -F a -v -f /etc/ipf/ipf.conf ; ipmon -a -t

pass in on nge0 all

pass out on nge0 all

block in log quick proto tcp from any to 0.0.0.0/32 port = telnet

pass in log quick on nge0 proto icmp from any to 0.0.0.0/32

pass out on nge0 proto icmp from any to any keep state

pass in quick on lo0 all

pass out quick on lo0 all

The pfil and ipfilter services are enabled. This is after applying a Solaris Security Toolkit secure profile.

Other simple configs, such as block all and open one port, don't work for me either; it always blocks everything. Am I missing something basic here?

Message was edited by:

qu1j0t3

[953 byte] By [qu1j0t3] at [2007-11-26 9:51:48]

«« How to do a Simple Search?
»» Trouble Jumpstarting

# 1

David Finberg suggested a patch to Solaris Security Toolkit that seems to have resolved the problem. It also installed a default set of ipfilter rules that happened to be exactly what I required!

See his comment on John Clingan's blog. Thanks David!

http://blogs.sun.com/jclingan/entry/securing_a_zone_using_the#comment-115704544 0000

qu1j0t3 at 2007-7-7 1:05:28 >

top of Java-index,Solaris Operating System,Solaris 10 Features...

Java programming resources: FAQs, tutorials, compiler and browser download sites, documentation, books lists, IDEs, etc.

ipfilter not working for me (Sol10U2, X2100)

Solaris Operating System New Topic

Solaris Operating System Hot Topic

Solaris Operating System

All Classified