On Jul 13, 2009, Michael Zeller wrote: > Is there a way to use fwknop or any of its tools on opensolaris? I have > been playing around with opensolaris 2009.06 and one of my servers is using > fwknop and I would like to know if it is possible to use the fwknop > commands.
The fwknop client should run properly if perl is installed, but the fwknopd server is a different story. It looks to me as though opensolaris uses ipfilter as its firewall, and this is not supported yet by fwknopd. However, there may be a way to get this working using the external commands feature in fwknopd. Just set ENABLE_EXTERNAL_CMDS to Y in /etc/fwknop/fwknop.conf, and define the EXTERNAL_CMD_OPEN and EXTERNAL_CMD_CLOSE variables to use the ipfilter command along with the $SRC variable. You can always defined the port and protocol with variables, but if you are always using fwknop for SSH access, then just do: EXTERNAL_CMD_OPEN /usr/sbin/ipfilter add 1234 allow tcp from $SRC to any 22 EXTERNAL_CMD_CLOSE /usr/sbin/ipfilter delete 1234 This is mostly a guess based on the idea that ipfilter supports a similar rules syntax to ipfw. The number "1234" above is the rule number. It would be interesting to hear if this works. Thanks, --Mike ------------------------------------------------------------------------------ Enter the BlackBerry Developer Challenge This is your chance to win up to $100,000 in prizes! For a limited time, vendors submitting new applications to BlackBerry App World(TM) will have the opportunity to enter the BlackBerry Developer Challenge. See full prize details at: http://p.sf.net/sfu/Challenge _______________________________________________ Fwknop-discuss mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/fwknop-discuss
