About Inbuilt Firewall in Solaris 10

Hi

I want to know whether there is any firewall available inbuilt with Solaris 10, like IPTABLES in Linux.

Also, I have heard that SunScreen Firewall was available up to Sun Solaris 8. Why was it stopped after Solaris 9 & 10?

Can you give me more details on the same.

Thanks

Rajan

By RAJAIYERa at 2007-11-27 8:02:03
# 1
'ipfilter' is bundled with Solaris 10, see: http://docs.sun.com/app/docs/doc/816-4554/6maoq0214?a=view
mAbrantea at 2007-7-12 19:44:11
# 2

The built-in firewall in Solaris is called ipfilter.

It is much like iptables with a slightly different syntax but it is just as easy to use.

To start using it all you need to do is edit two files and give two commands (with fingers crossed).

You can find extensive instructions elsewhere but here is a quick overview.

Edit /etc/ipf/pfil.ap and de-comment the appropriate device name (use ifconfig -a to figure out what it is).

Edit /etc/ipf/ipf.conf to your liking. Check the online documentation for the syntax. Be careful, since it reads from top to bottom, and there are other things that iptables does differently.

Here is a quick example from one of my machines (careful: this is output from 'ipfstat -io' and not necessarily what you would want).

#this machine talking with others
pass out quick on bge0 proto tcp from xxx.xxx.xxx.xxx/32 to any keep state
pass out quick on bge0 proto udp from xxx.xxx.xxx.xxx/32 to any keep state
pass out quick on bge0 proto icmp from xxx.xxx.xxx.xxx/32 to any keep state
#open up trusted local networks
pass in quick on bge0 from xxx.xxx.xxx.0/24 to any
#outside world
pass in quick on bge0 proto tcp from any to any port = ssh
pass in quick on bge0 proto tcp from any to any port = 80
block in on bge0 all

Those last two pass-in rules are wide open, but I use sshblack to monitor those ports. You can easily modify it from iptables to ipfilter.

http://www.pettingers.org/code/sshblack.html

After you are all set, do:

svcadm enable pfil
svcadm enable ipfilter

There are a pile of things that may cause either pfil or ipfilter to fail (use svcs -vx to check), but you can Google the answers or search these forums for how to fix them.

kjard_usa at 2007-7-12 19:44:11
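A small shell model of how IP Filter evaluates a ruleset, added here as an example; it is not code from the forum answer, from Solaris or from ipfilter itself. It implements ipfilter's documented matching semantics in simplified form (rules are read top to bottom, the last matching rule wins, 'quick' ends evaluation at the first match, and a packet matching no rule is passed) for only the syntax used in the answer above, with a constructed ruleset using RFC 5737 documentation addresses. The point it makes is why the ruleset above works: every pass rule carries 'quick', so the trailing 'block in on bge0 all' only catches what nothing else matched. The second ruleset drops 'quick' from the ssh rule to show that the catch-all block then wins, since it is the last match. The function names, the 'ssh' to 22 lookup and the 'keep state' no-op are assumptions of this model, not ipfilter behaviour beyond what is stated.

```shell
#!/bin/sh
# Added example, not code from the forum post, from Solaris or from ipfilter:
# a toy model of how IP Filter evaluates a ruleset, to show why rule order and
# the 'quick' keyword matter. Modelled (documented ipfilter) behaviour, simplified:
#   - rules are read top to bottom and the LAST matching rule wins,
#   - unless a matching rule says 'quick', which ends evaluation at once,
#   - a packet that matches no rule is passed (ipfilter's default).
# Only the syntax used in the thread is understood: pass|block, in|out, quick,
# on <if>, proto <p>, from <net> to <net>, port = <n|ssh>, all, keep state.
# 'keep state' is accepted but ignored (stateful matching is not modelled).
# Networks are limited to 'any', x.x.x.x/32 and x.x.x.0/24; every address
# below is constructed from the RFC 5737 documentation ranges.

# Constructed ruleset with the same shape as the one in the thread.
RULES='
pass out quick on bge0 proto tcp from 192.0.2.10/32 to any keep state
pass in quick on bge0 from 192.0.2.0/24 to any
pass in quick on bge0 proto tcp from any to any port = ssh
block in on bge0 all
'

# Same idea, but 'quick' left off the ssh rule: the catch-all block now wins.
RULES_NOQUICK='
pass in on bge0 proto tcp from any to any port = ssh
block in on bge0 all
'

# addr_match NET ADDR: succeed if ADDR lies inside NET.
addr_match() {
  case "$1" in
    any)  return 0 ;;
    */32) [ "${1%/32}" = "$2" ] ;;
    */24) [ "${1%.*}" = "${2%.*}" ] ;;      # compare the first three octets
    *)    return 1 ;;
  esac
}

# rule_match RULE DIR IF PROTO SRC DST DPORT: succeed if RULE matches the packet.
rule_match() {
  dir=$2; ifc=$3; proto=$4; src=$5; dst=$6; dport=$7
  set -- $1                 # split the rule into tokens (word splitting intended)
  shift                     # drop the action; the caller reads it
  [ "$1" = "$dir" ] || return 1
  shift
  while [ $# -gt 0 ]; do
    case "$1" in
      quick|all|keep|state) shift ;;                   # no effect on matching
      on)    [ "$2" = "$ifc" ]   || return 1; shift 2 ;;
      proto) [ "$2" = "$proto" ] || return 1; shift 2 ;;
      from)  addr_match "$2" "$src" || return 1; shift 2 ;;
      to)    addr_match "$2" "$dst" || return 1; shift 2 ;;
      port)  want=$3; [ "$want" = ssh ] && want=22     # only service name used here
             [ "$want" = "$dport" ] || return 1; shift 3 ;;
      *)     return 1 ;;                               # unknown token: no match
    esac
  done
  return 0
}

# ipf_decide RULESET DIR IF PROTO SRC DST DPORT: print the verdict and the
# number of the rule that produced it ('none' when no rule matched).
ipf_decide() {
  rules=$1; shift
  verdict=pass; hit=none; n=0
  while read -r line; do
    [ -z "$line" ] && continue
    n=$((n + 1))
    if rule_match "$line" "$@"; then
      verdict=${line%% *}                            # 'pass' or 'block'
      hit=$n
      case " $line " in *" quick "*) break ;; esac   # quick: stop evaluating
    fi
  done <<EOF
$rules
EOF
  printf '%s (rule %s)\n' "$verdict" "$hit"
}

# Demonstration: external ssh, external https, a trusted-LAN packet, an
# outbound udp packet nothing mentions, then ssh against the no-quick ruleset.
ipf_decide "$RULES" in bge0 tcp 203.0.113.7 192.0.2.10 22           # pass (rule 3)
ipf_decide "$RULES" in bge0 tcp 203.0.113.7 192.0.2.10 443          # block (rule 4)
ipf_decide "$RULES" in bge0 udp 192.0.2.55 192.0.2.10 53            # pass (rule 2)
ipf_decide "$RULES" out bge0 udp 192.0.2.10 203.0.113.7 53          # pass (rule none)
ipf_decide "$RULES_NOQUICK" in bge0 tcp 203.0.113.7 192.0.2.10 22   # block (rule 2)
```

The last two lines are the ones to look at: with no matching rule the model passes the packet, which is why a trailing catch-all block matters, and without 'quick' that same catch-all overrides the earlier ssh allow because the last match wins. When you write your own ipf.conf, either keep 'quick' on the pass rules as the answer does, or put the block rule first and let later pass rules override it.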