Hello All
I had compiled and installed sucessfully 4.1.8 and pfil 2.1.7 on
#uname -a
#SunOS sf44ce21 5.9 Generic_118558-11 sun4u sparc SUNW,Sun-Fire-V440
The packages installed are "pfil ipf ipfx".
My machine has ipv6 support and configured with ipv6.
Output of "ifconfig -a"
*************************************
lo0: flags=1000849<UP,LOOPBACK,RUNNING,MULTICAST,IPv4> mtu 8232 index 5
inet 127.0.0.1 netmask ff000000
ce3: flags=9040843<UP,BROADCAST,RUNNING,MULTICAST,DEPRECATED,IPv4,NOFAILOVER> mtu 1500 index 8
inet 180.144.225.62 netmask ffff0000 broadcast 180.144.255.255
groupname core
ether 0:3:ba:b2:32:f6
ce3:1: flags=1000843<UP,BROADCAST,RUNNING,MULTICAST,IPv4> mt! u 1500 index 8
inet 180.144.225.40 netmask ffff0000 broadcast 180.144.255.255
ce3:2: flags=1040843<UP,BROADCAST,RUNNING,MULTICAST,DEPRECATED,IPv4> mtu 1500 index 8
inet 180.144.225.42 netmask ffff0000 broadcast 180.144.255.255
ce3: flags=a040841<UP,RUNNING,MULTICAST,DEPRECATED,IPv6,NOFAILOVER> mtu 1500 index 8
ether 0:3:ba:b2:32:f6
inet6 fe80::203:baff:feb2:32f6/10
groupname core
ce3:1: flags=2000841<UP,RUNNING,MULTICAST,IPv6> mtu 1500 index 8
inet6 2106:22:188:252:0:66:1:1/10
**************************************************************
#cat /etc/opt/ipf/ipf6.conf
block in quick on ce3 proto tcp from any to 2106:22:188:252:0:66:1:1/10! port =
23
--After the configuration activated rule by executing
# /etc/init.d/ipfboot start
Set 0 now inactive
filter sync'd
----------------------------------------------------------------------
After this activation ,still i am able to open a telnet connection to the ipv6 2106:22:188:252:0:66:1:1
Am I doing some thing wrong?
--------------------------------------------------------------------
Some more information on system status..
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
output of ipfstat
~~~~~~~~~~~~~~~~~~~~~~~~~~~!
[EMAIL PROTECTED]> ipfstat
bad packets: in 0 out 0
IPv6 packets: in 0 out 0
input packets: blocked 0 passed 1904 ! nomatch 1833 counted 0 short 0
output packets: blocked 0 passed 101 nomatch 1 counted 0 short 0
input packets logged: blocked 0 passed 0
output packets logged: blocked 0 passed 0
packets logged: input 0 output 0
log failures: input 0 output 0
fragment state(in): kept 0 lost 0 not fragmented 0
fragment state(out): kept 0 lost 0 not fragmented 0
packet state(in): kept 0 lost 0
packet state(out): kept 0 lost 0
ICMP replies: 0 TCP RSTs sent: 0
Invalid source(in): 0
Result cache hits(in): 71 (out): ! 100
IN Pullups succeeded: 0 failed: 0
OUT Pullups succeeded: 0 failed: 0
Fastroute successes: 0 failures: 0
TCP cksum fails(in): 0 (out): 0
IPF Ticks: 287
Packet log flags set: (0)
none
[EMAIL PROTECTED]>
************************************************************
output of "ndd /dev/pfil qif_status"
[EMAIL PROTECTED]> ndd /dev/pfil qif_status
ifname ill q OTHERQ ipmp num sap hl nr nw bad copy copyfail drop notip nodata notdata
QIF3 0x0 0x30028ba52e8 0x30028ba53d8 0x0 3 8035 0 0 0 0 0 0 0 0 0 0
ce3 0x30000064030 0x30007e3bca8 0x30007e3bd98 0x0 2 800 14 162717 7921 0 0 0 0 0 0 0
QIF1 0x0 0x30007d9! cfd0 0x30007d9d0c0 0x0 1 806 0 21 22 0 0 0 0 0 0 0
Pradeep Reddy
I had compiled and installed sucessfully 4.1.8 and pfil 2.1.7 on
#uname -a
#SunOS sf44ce21 5.9 Generic_118558-11 sun4u sparc SUNW,Sun-Fire-V440
The packages installed are "pfil ipf ipfx".
My machine has ipv6 support and configured with ipv6.
Output of "ifconfig -a"
*************************************
lo0: flags=1000849<UP,LOOPBACK,RUNNING,MULTICAST,IPv4> mtu 8232 index 5
inet 127.0.0.1 netmask ff000000
ce3: flags=9040843<UP,BROADCAST,RUNNING,MULTICAST,DEPRECATED,IPv4,NOFAILOVER> mtu 1500 index 8
inet 180.144.225.62 netmask ffff0000 broadcast 180.144.255.255
groupname core
ether 0:3:ba:b2:32:f6
ce3:1: flags=1000843<UP,BROADCAST,RUNNING,MULTICAST,IPv4> mt! u 1500 index 8
inet 180.144.225.40 netmask ffff0000 broadcast 180.144.255.255
ce3:2: flags=1040843<UP,BROADCAST,RUNNING,MULTICAST,DEPRECATED,IPv4> mtu 1500 index 8
inet 180.144.225.42 netmask ffff0000 broadcast 180.144.255.255
ce3: flags=a040841<UP,RUNNING,MULTICAST,DEPRECATED,IPv6,NOFAILOVER> mtu 1500 index 8
ether 0:3:ba:b2:32:f6
inet6 fe80::203:baff:feb2:32f6/10
groupname core
ce3:1: flags=2000841<UP,RUNNING,MULTICAST,IPv6> mtu 1500 index 8
inet6 2106:22:188:252:0:66:1:1/10
**************************************************************
#cat /etc/opt/ipf/ipf6.conf
block in quick on ce3 proto tcp from any to 2106:22:188:252:0:66:1:1/10! port =
23
--After the configuration activated rule by executing
# /etc/init.d/ipfboot start
Set 0 now inactive
filter sync'd
----------------------------------------------------------------------
After this activation ,still i am able to open a telnet connection to the ipv6 2106:22:188:252:0:66:1:1
Am I doing some thing wrong?
--------------------------------------------------------------------
Some more information on system status..
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
output of ipfstat
~~~~~~~~~~~~~~~~~~~~~~~~~~~!
[EMAIL PROTECTED]> ipfstat
bad packets: in 0 out 0
IPv6 packets: in 0 out 0
input packets: blocked 0 passed 1904 ! nomatch 1833 counted 0 short 0
output packets: blocked 0 passed 101 nomatch 1 counted 0 short 0
input packets logged: blocked 0 passed 0
output packets logged: blocked 0 passed 0
packets logged: input 0 output 0
log failures: input 0 output 0
fragment state(in): kept 0 lost 0 not fragmented 0
fragment state(out): kept 0 lost 0 not fragmented 0
packet state(in): kept 0 lost 0
packet state(out): kept 0 lost 0
ICMP replies: 0 TCP RSTs sent: 0
Invalid source(in): 0
Result cache hits(in): 71 (out): ! 100
IN Pullups succeeded: 0 failed: 0
OUT Pullups succeeded: 0 failed: 0
Fastroute successes: 0 failures: 0
TCP cksum fails(in): 0 (out): 0
IPF Ticks: 287
Packet log flags set: (0)
none
[EMAIL PROTECTED]>
************************************************************
output of "ndd /dev/pfil qif_status"
[EMAIL PROTECTED]> ndd /dev/pfil qif_status
ifname ill q OTHERQ ipmp num sap hl nr nw bad copy copyfail drop notip nodata notdata
QIF3 0x0 0x30028ba52e8 0x30028ba53d8 0x0 3 8035 0 0 0 0 0 0 0 0 0 0
ce3 0x30000064030 0x30007e3bca8 0x30007e3bd98 0x0 2 800 14 162717 7921 0 0 0 0 0 0 0
QIF1 0x0 0x30007d9! cfd0 0x30007d9d0c0 0x0 1 806 0 21 22 0 0 0 0 0 0 0
Pradeep Reddy
Have a Nice daypradeep reddy
Bring words and photos together (easily) with
PhotoMail - it's free and works with Yahoo! Mail.
