I do not think you need to install a newer version. Does an ipfstat -i and ipfstat -o show the new rules that you have added? You may be running into a bug that I filed, "svcadm disable ipfilter does not flush firewall rules". To get around this after you do a svcadm disable ipfilter then do a ipf -Fa to flush all the firewall rules then do a svcadm enable ipfilter to put the new rules into place. Let me know if this helps any.
On 6/17/07, abu <invigeek at yahoo.com> wrote: > > yes i did restart my ipf soon after i added the rules.how i restart my > ipf?i use this command to to stop and start my ipf "svcadm disable ipfilter" > and "svcadm enable ipfilter". how i know my ipf rules not working? because > if my ipf working properly it shoud block my telnet port.to stop telnet > service is easy but how to block from WAN?so should i install the new > version of ipf or is there any way to make it work? > > > This message posted from opensolaris.org > _______________________________________________ > opensolaris-help mailing list > opensolaris-help at opensolaris.org > -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://mail.opensolaris.org/pipermail/opensolaris-help/attachments/20070617/7ebb0201/attachment.html>
