Summary: Zones and IPFilter

From: Andreas Höschler (ahoesch@smartsoft.de)
Date: Tue Dec 20 2005 - 07:41:43 EST

• Next message: L, Raghunath (Raghu): "CPU performence comparison between UIV/IV+ , T1,IIi,IIIplus If p ossible on Intel/AMD"
• Previous message: Youssef: "Sun fire 880 too slow"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Hello all,

thanks to <peter.van.gemert@accenture.com> who exhaustingly answered my
question. The rules for the zones go into the ipfilter configuration of
the global zone. Adding something like

        block in log on bge2 from any to <external ip of zone>/32

to /etc/ipf/ipf.conf in the gloabl zone doe sthe trick.

Thanks a lot!

Regards,

   Andreas

> IPF can only be run in the global zone, so you need to define rules in
> the global zone that block/allow traffic to the zone's ip address. But
> is impossible to setup rules that block traffic between non-global
> zones.
_______________________________________________
sunmanagers mailing list
sunmanagers@sunmanagers.org
http://www.sunmanagers.org/mailman/listinfo/sunmanagers

• Next message: L, Raghunath (Raghu): "CPU performence comparison between UIV/IV+ , T1,IIi,IIIplus If p ossible on Intel/AMD"
• Previous message: Youssef: "Sun fire 880 too slow"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.7 : Wed Apr 09 2008 - 23:37:56 EDT