you can not filter against lo0 on solaris --
the implementation just doesn't support packet
interception on the trip to/from lo0.

so, any rules such as
> pass in quick on lo0 all

have no effect under solaris.

jim



[EMAIL PROTECTED] wrote:

Hello Damir:

Thanks for the advice. I wasn't clear that I have only one NIC and
don't do NAT either.

Also, I read somewhere saying that lo0 is not working with Solaris on IPF.

I tried to find where I read that and can't get it back.

Anyway, I am open to all suggestions.

Thanks,

C-



On Wednesday 30 October 2002 14:48, [EMAIL PROTECTED] wrote:

Hello Matthias:

Thank you for your answer, yes, I did read and reread on the howto,
but still would like to hear from the experiences.

Also, yes, you answered my question.

I did want to block all in and out, then open the ports that I allow to
come in and go out.

but be careful you specify the interface on which you operate. One surely
doesn't want to block traffic on the localhost device.

I do it this way:
block in all
block out all

pass in quick on lo0 all
pass out quick on lo0 all

# all other rules follow

Regards,
Damir Horvat



