Heads up! I now explicitly set /etc/ipf/ipf.conf as default conf (via custom conf): r...@kunde003-wan:~# svccfg -s network/ipfilter:default setprop firewall_config_default/policy = astring: custom r...@kunde003-wan:~# svccfg -s network/ipfilter:default setprop firewall_config_default/custom_policy_file = astring: "/etc/ipf/ipf.conf"
Now the zone activates the ipfilter-config upon reboot. I still think, the original behavior is a bug. Any Idea, where I could file it? Cheers, Kai >I created a zone and installed SUNWipf (Opensolaris 2009.06). >I created /etc/ipf/ipf.conf and put in a single line for starters. INitializing the file from the commandline works >fine: >r...@kunde003-wan:~# ipf -f /etc/ipf/ipf.conf >r...@kunde003-wan:~# ipfstat -io >empty list for ipfilter(out) >block in log quick on wan3001 all > >But rebooting the zone leads to an empty firewall-Rulebase: >r...@kunde003-wan:~# ipfstat -io >empty list for ipfilter(out) >empty list for ipfilter(in) > >Currently, directory and config have the following owners / permissions: >r...@kunde003-wan:/etc# ls -ld ipf >drwxr-xr-x 2 root sys 3 May 4 16:36 ipf >r...@kunde003-wan:/etc# ls -l ipf/ipf.conf >-rw-r--r-- 1 root root 86 May 4 16:36 ipf/ipf.conf > >Any idea, why Opensolaris doesn't start the firewall upon booting? _______________________________________________ networking-discuss mailing list [email protected]
