Even though I don't work for them I have some idea. I got my
Ultra20 in order to learn things about Solaris since I
am now in a group at work that uses a lot of Solaris. It has been
more than a year and my self education process is slow. IPfilter
in particular is an area where I am stalled. I would love to set
it up to do NAT routing as I have already been doing for years with
SuSE Linux. So far I have only succeeded in getting it running
with one simple pass all rule.

IPFilter works "the other way" -- normally one would expect the firewall to
match on a rule and perform some action, like other firewalls do. However,
unless one specifies "quick" as part of the rule, IPFilter will match on the
"closest match" which is quite often the last rule pertaining to something.
Confusing? Well, you're not the only one; this confuses a lot of people new
to IPFilter.

So if you want IPFilter to behave the way other firewalls do, use the
keyword "quick" as that short circuits further matching and immediately
performs whatever the rule tells him (IPFilter) to do.

As far as documentation, when I was starting with IPFilter years ago, I
found the "IPFilter HOWTO" (Google!) to be an excellent introduction.
For all the nitty-gritty details, man pages are also quite good, especially
if you're used to absorbing man page material very quickly (gotta love the
standardized format of man pages!)
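
The rule evaluation discussed in the reply above, as an added example (not part of the original message and not IPFilter's own code): a small Python model in which the last matching rule decides unless a matching rule carries `quick`. The rule subset, the parser, the packet dictionaries and the pass default for unmatched packets are assumptions of this model.

```python
import re

# Accepts only: <pass|block> <in|out> [quick] (all | proto P from any to any [port = N])
RULE_RE = re.compile(
    r"^(?P<action>pass|block)\s+(?P<dir>in|out)(?P<quick>\s+quick)?\s+"
    r"(?:all|proto\s+(?P<proto>\w+)\s+from\s+any\s+to\s+any"
    r"(?:\s+port\s*=\s*(?P<port>\d+))?)$"
)

def parse(text):
    """Parse the small ipf.conf subset modelled here; reject anything else."""
    rules = []
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()   # drop comments and blanks
        if not line:
            continue
        m = RULE_RE.match(line)
        if m is None:
            raise ValueError(f"unsupported rule: {line!r}")
        rules.append(m.groupdict())
    return rules

def matches(rule, pkt):
    """A field absent from the rule ('all', or no port) matches any value."""
    if rule["dir"] != pkt["dir"]:
        return False
    if rule["proto"] and rule["proto"] != pkt["proto"]:
        return False
    if rule["port"] and int(rule["port"]) != pkt["dport"]:
        return False
    return True

def decide(rules, pkt, default="pass"):
    """Walk every rule; the last match wins, a matching 'quick' rule stops the walk."""
    verdict = default          # assumption: unmatched packets pass
    for rule in rules:
        if matches(rule, pkt):
            verdict = rule["action"]
            if rule["quick"]:
                break
    return verdict

# Constructed packets and rulesets.
SSH = {"dir": "in", "proto": "tcp", "dport": 22}
WEB = {"dir": "in", "proto": "tcp", "dport": 80}
FIRST_MATCH_HABIT = "pass in proto tcp from any to any port = 22\nblock in all\n"
WITH_QUICK = "pass in quick proto tcp from any to any port = 22\nblock in all\n"
IPF_IDIOM = "block in all\npass in proto tcp from any to any port = 22\n"
```

In this model `FIRST_MATCH_HABIT` blocks SSH because the trailing `block in all` also matches, while `WITH_QUICK` and `IPF_IDIOM` both pass SSH and block port 80.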