On 28/02/2022 12:32, Marc Lobelle wrote:
Hello,
I defined firewall rules for ipfilter in /etc/ipf/ipf.conf.
However, I use nwam and, at boot time, nwam wipes out all firewall rules
and imposes its own: block everything excpt dhcp in the NoNet situation
and no rules at all when a network interface is active.
The NoNet rules can be replaced by my own rules by copying
/etc/ipf/ipf.conf in /etc/nwam/loc/NoNet/ipf.conf, but this is useless
because it is replaced by nothing at all when a network interface is
activated. Therefore I removed this change.
I tried to add to /etc/nwam/loc/create_loc_auto a line "set
ipfilter-config-file=/etc/ipf/ipf.conf" similar to the line in
create_loc_NoNet: "set ipfilter-config-file=/etc/nwam/loc/NoNet/ipf.conf"
But this does not change the behaviour.
How can I tell nwam to use ipf.conf ?
Thanks for your help.
> ...
In illumos-gate/usr/src/lib/libnwam/common/libnwam.h, I see
#define NWAM_LOC_PROP_IPFILTER_CONFIG_FILE "ipfilter-config-file"
#define NWAM_LOC_PROP_IPFILTER_V6_CONFIG_FILE "ipfilter-v6-config-file"
These enter pt_types and loc_prop_table structures in libnwam_loc.c,
didn't follow where that ends. Hope that helps.
_______________________________________________
openindiana-discuss mailing list
openindiana-discuss@openindiana.org
https://openindiana.org/mailman/listinfo/openindiana-discuss
