Zones and IPFilter

From: Andreas Höschler (ahoesch@smartsoft.de)
Date: Tue Dec 20 2005 - 04:54:04 EST

• Next message: Steve Nelson: "Semaphore Changes"
• Previous message: Bhaskar G: "disabled chs CPU's"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Dear managers,

we have successfully setup a zone with the following set of commands:

        mkdir /zones/my-zone
        zonecfg -z my-zone
                create
                set zonepath=/zones/my-zone
                set autoboot=true
                add net
                set address=<external address>
                set physical=bge2
                end
                verify
                commit
                exit
        zoneadm -z my-zone verify
        zoneadm -z my-zone install
        zoneadm -z my-zone ready
        zoneadm -z my-zone boot

We have booted the zone, logged in on the console and made sure that
the zone is accessible via ssh over the external address. Our next
objective was to setup ipfilter for this zone to block incoming traffic
from <external address> (bge2) to the zone. The approach we used for
the gloabl zone does not work here?

 /etc/ipf/pfil.ap is not existent
 Creating this file and (re)starting network/pfil gives us "svcadm:
Pattern 'network/pfil' doesn't match any instances"
 ...

  What are we missing?

Thanks a lot!

Regards,

   Andreas
_______________________________________________
sunmanagers mailing list
sunmanagers@sunmanagers.org
http://www.sunmanagers.org/mailman/listinfo/sunmanagers

• Next message: Steve Nelson: "Semaphore Changes"
• Previous message: Bhaskar G: "disabled chs CPU's"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.7 : Wed Apr 09 2008 - 23:37:55 EDT