IPFilter doesn't "fail". It's not a process that can die. It's a
kernel module. If it "dies" the system panics and you have no Solaris.
I've been using IPFilter for 15 years, it's never "failed".
On 9/24/2010 10:51 AM, J. Joseph Felten wrote:
Sorry if this is obvious to IP Filter veterans. I searched the FAQ
and Solaris IP Filter documentation and the mailing list etc. etc. and
have not found an answer.
I've created a very simple IP Filter rules set on Solaris 10 to block
access to a particular port from particular IP addresses. This works
well but what happens if IP Filter fails in some way (perhaps putting
the service in to a maintenance state)? Isn't the kernel module's
default to pass all?
