0 Replies Latest reply: Aug 14, 2012 3:02 PM by CyberNinja RSS

    Zone ipf question

    CyberNinja
      Hello,
      I was wondering, if your setting ipf filter rules on a Solaris 10 server with one or more full root zones. Where do you set it? I know that the place to set the rules is here; /etc/ipf/ipf.conf. Do I set it in each zone and the global? Or should I just set the rules at the global?

      Also the the interfaces are shared. For example if you do an ifconfig -a
      # ifconfig -a
      lo0: flags=2001000849<UP,LOOPBACK,RUNNING,IPv4,VIRTUAL> mtu 8232 index 1
      inet 127.0.0.1 netmask ff000000
      lo0:1: flags=2001000849<UP,LOOPBACK,RUNNING,IPv4,VIRTUAL> mtu 8232 index 1
      zone zone-name
      inet 127.0.0.1 netmask ff000000
      aggr1: flags=1000843<UP,LOOPBACK,RUNNING,IPv4,VIRTUAL> mtu 8232 index 2
      inet 192.168.120.120 netmask ffffff00 broadcast 192.168.120.255
      e1000g0: flags=1000843<UP,LOOPBACK,RUNNING,IPv4,VIRTUAL> mtu 1500 index 3
      inet 192.168.159.25 netmask fffffe00 broadcast 192.168.159.255
      e1000g0:1: flags=1000843<UP,LOOPBACK,RUNNING,IPv4,VIRTUAL> mtu 1500 index 3
      zone zone-name
      inet 192.168.159.66 netmask fffffe00 broadcast 192.168.159.255


      Please let me know what I should do?