Following is the content of my /etc/ipf/ipf.conf: # route add inet6 fe80::21e:ecff:fe64:1330/10 localhost 0 block in log quick from any to any with ipopts block in log quick proto tcp from any to any with short pass out on bge0 all head 150 block out from 127.0.0.0/8 to any group 150 block out from any to 127.0.0.0/8 group 150 # block out from any to inet6 fe80::21e:ecff:fe64:1330/10 /32 group 150 pass in on bge0 all head 100 block in from 127.0.0.0/8 to any group 100 # block in from inet6 fe80::21e:ecff:fe64:1330/10 /32 to any group 100
I got the above rules using the mkfilter script in the /usr/shares/ipfilter/example But when I rebooted my system i ran the command pfexec ipfstat -io, but there were no rules. Then i tried manually load the file with pfexec ipf -Fa -f /etc/ipf/ipf.conf and then it loaded fine. I want to know is the filter ipf.conf the correct location for the rules and are the rules above good enough for a web surfing and downloading from torrents and p2p. -- This message posted from opensolaris.org _______________________________________________ opensolaris-help mailing list opensolaris-help@opensolaris.org
