hi all,
attempting to resolve a sun fddi network adapter (pf) problem. apparently
CP doesn't recognize it. when i reboot the system after the CP installation
i find that my root filesystem is unusable... thanks /pc
# ifconfig -a
lo0: flags=849<UP,LOOPBACK,RUNNING,MULTICAST> mtu 8232
inet 127.0.0.1 netmask ff000000
hme0: flags=862<BROADCAST,NOTRAILERS,RUNNING,MULTICAST> mtu 1500
inet xxx.xxx.xxx.xxx netmask ffffff00 broadcast 151.104.110.255
ether 8:0:20:c0:57:46
pf0: flags=863<UP,BROADCAST,NOTRAILERS,RUNNING,MULTICAST> mtu 4352
inet 10.1.1.100 netmask ffffff00 broadcast 10.1.1.255
ether 8:0:20:a6:3f:4
pf1: flags=863<UP,BROADCAST,NOTRAILERS,RUNNING,MULTICAST> mtu 4352
inet 10.1.1.200 netmask ffffff00 broadcast 10.1.1.255
ether 8:0:20:a6:3f:7f
# pkginfo | grep pf
system SUNWpfd SunFDDI PCI Drivers
system SUNWpfh SunFDDI PCI Header files
system SUNWpfm SunFDDI PCI Man pages
system SUNWpfu SunFDDI PCI Utilities
# pkginfo -l SUNWpfd
PKGINST: SUNWpfd
NAME: SunFDDI PCI Drivers
CATEGORY: system
ARCH: sparc
VERSION: 2.0,REV=1998.09.01
BASEDIR: /
VENDOR: Sun Microsystems Inc.
DESC: SunFDDI PCI Drivers
PSTAMP: buffalo980829083003
INSTDATE: Sep 12 2000 16:29
HOTLINE: Please contact your local service provider
STATUS: completely installed
FILES: 5 installed pathnames
2 shared pathnames
3 directories
2 executables
1088 blocks used (approx)
Choosing Installation
- ------------------------
(1) VPN-1 & FireWall-1 Stand Alone Installation
(2) VPN-1 & FireWall-1 Distributed Installation
Option (1) will install VPN-1 & FireWall-1
Internet GateWay (Management Server and Enforcement Module)
on a single machine.
Option (2) will allow you to install specific
components of the VPN-1 & FireWall-1 Enterprise Products
on different machines.
Enter your selection (1-2/a): 2
Installing VPN-1 & FireWall-1 Distributed Installation.
Which Module would you like to install ?
- -------------------------------------------
(1) VPN-1 & FireWall-1 Enterprise Management and Gateway/Server Module
(2) VPN-1 & FireWall-1 Gateway/Server Module
(3) VPN-1 & FireWall-1 Enterprise Management
Enter your selection (1-3/a) [1]: 2
Which Module would you like to install ?
- -------------------------------------------
(1) VPN-1 & FireWall-1 - Limited hosts (25, 50, 100 or 250)
(2) VPN-1 & FireWall-1 - Unlimited hosts
(3) VPN-1 & FireWall-1 - SecureServer
Enter your selection (1-3/a) [2]: 2
**************** VPN-1 & FireWall-1 kernel module installation ****************
installing VPN-1 & FireWall-1 kernel module... Done.
**************** Interface Configuration ****************
Scanning for unknown interfaces...
Your system uses a device, pf, that is not known to FireWall-1.
You may add it to your FireWall-1's known interface list.
If you choose to say 'no', interfaces of type pf will not be protected
at this time.
Add device pf to /etc/fw.boot/ifdev now? [y] y
Depending on the interface's type, DLPI fastpath should be enabled or disabled.
For Ethernet and IEEE 802.3 devices it is safe to say yes. If you are unsure,
say no here.
Should I accept DLPI fastpath requests for pf interfaces? [n]
Adding pf to /etc/fw.boot/ifdev... ok
Do you wish to start VPN-1 & FireWall-1 automatically from /etc/rc3.d (y/n) [y] ?
VPN-1 & FireWall-1 startup code installed in /etc/rc3.d
Configuring Licenses...
=======================
The following licenses are installed on this host:
Do you want to add licenses (y/n) [n] ?
Configuring Masters...
======================
Masters are trusted Management Stations which will
control this Check Point Module.
Do you want to add Management Stations (y/n) [y] ?
.....
Configuring Masters...
======================
Masters are trusted Management Stations which will
control this Check Point Module.
Do you want to add Management Stations (y/n) [y] ? y
Please enter the list of hosts that will be Management Stations.
Enter hostname or IP address, one per line, terminating with CTRL-D or your EOF
character.
xxx.xxx.xx.xxx
Is this correct (y/n) [y] ?
You will now be prompted to enter a secret key that will be used to
authenticate the communication between this Module and the
Management Stations that you have selected.
Enter secret key:
Again secret key:
NOTE:
Do not forget to run 'fw putkey' with the same secret key on each of
the configured masters.
Configuring SMTP Server...
==========================
Following are the current values of the SMTP Server configuration:
timeout: 900
scan_period: 2
resend_period: 600
abandon_time: 432000
maxrecipients: 50
rundir:
postmaster: postmaster
default_server:
error_server:
Would you like to modify the above configuration (y/n) [y] ? n
Configuring SNMP Extension...
=============================
The SNMP daemon enables VPN-1 & FireWall-1 module
to export its status to external network management tools.
Would you like to activate VPN-1 & FireWall-1 SNMP daemon ? (y/n) [n] ? n
Configuring Groups...
=====================
VPN-1 & FireWall-1 access and execution permissions
- -------------------------------------------
Usually, a VPN-1 & FireWall-1 module is given group permission
for access and execution.
You may now name such a group or instruct the installation
procedure to give no group permissions to the VPN-1 & FireWall-1 module.
In the latter case, only the Super-User will
be able to access and execute the VPN-1 & FireWall-1 module.
Please specify group name [<RET> for no group permissions]:
No group permissions will be granted. Is this ok (y/n) [y] ?
Setting Group Permissions... Done.
Configuring IP Forwarding...
============================
Do you wish to disable IP-Forwarding at boot time (y/n) [y] ?
IP forwarding disabled
Configuring Default Filter...
=============================
Do you wish to modify your /etc/rcS.d boot scripts to allow a default
filter to be automatically installed during boot (y/n) [y] ?
......
INIT: New run level: 6
The system is coming down. Please wait.
System services are now being stopped.
Stopping the syslog service.
Stopping PF FDDI SMT/SNM daemon
Sep 12 15:10:43 in.rdiscd[99]: terminated
The system is down.
INIT: failed write of utmpx entry:"s6"
INIT: failed write of utmpx entry:"rb"
syncing file systems... done
.........
Rebooting with command: boot
Boot device: disk0:a File and args:
SunOS Release 5.6 Version Generic_105181-22 [UNIX(R) System V Release 4.0]
Copyright (c) 1983-1997, Sun Microsystems, Inc.
FireWall-1 boot security configuration:
FW-1: Disabling IP forwarding
FW-1: Loading I/F device list: le be qe qfe hme pf
FW-1: Starting bootd: fwbootd: child pid=13
FW-1: Autopushing under UDP
FW-1: Autopushing over network interface drivers
FW-1: Autopushing over clone
FW-1: Autopushing over hme
FW-1: Autopushing over pf
configuring network interfaces:FW-1: initialized on qfe0 (1)
FW-1: i/f hme0 (hme0) is not found in table (80206910)
WARNING: this interface is not monitored by FireWall-1
FW-1 IP: FW-1 has a problem registering an interface configuration
command (80206910) - blocked.
------- End of Forwarded Message
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================
