It'd be nice to have firewall builder for (Open)Solaris,
although it needs Qt.
--
This message posted from opensolaris.org
___
opensolaris-help mailing list
opensolaris-help@opensolaris.org
I really like syntax of pf(4). People were posting examples where they reduced
around 300 lines of rules in IPfilter to about 60 lines including comments and
new lines in pf(4).
Eg. Antispoof is very easy with 'antispoof quick for { lo em0 }'. Manipulation
with firewall on-line is easy with
ht
I have been using solaris firewall for over a year now, up to now there has
been know tool to configure any of this, I had to figure it out, but this saved
me on buying a firewall, though the ipf.conf could use some hardening, any
suggestions is great, I am running snv_b126, I had to enable the
[...]
GUI stuff? There was something about GUI? :-)
[...]
Yeah, just that most people today heavily use GUI and GUI apps and to
hear someone going on about a DEC VT100 is odd in any case for the
modern user!
That was the assumption I was making anyhow.
P.s. hey since you have a openb
Too late. Hah :-D
No. There is a base idea - use what's appropriate for your case and you.
GUI stuff? There was something about GUI? :-)
--
This message posted from opensolaris.org
___
opensolaris-help mailing list
opensolaris-help@opensolaris.org
Yes, it's good in some areas, but not everybody has so much money to have real
Cisco at home :-) and just because a lot of people use something doesn't mean
that it's a good product.
Good security? securityfocus.com provide different view. Too much bugs in their
IOS. But ok, a lot of people is
Hey, don't forget that my use Cisco post was just a suggestion and not
me trying to impose anything on anyone ;-)
There are always going to be advantages and disadvantages to anything so
it really boils down to what is right for the situation and which suites
you best.
Anyway enough GUI stuf
Tomas Bodzar wrote:
Huh Cisco? Why? I have OpenBSD. It's better and of course a much more cheaper
:-) BTW I can't change isp's switch as it's locked downstairs for whole block
of flats ;-) (ok, I can't chage it legally :-D)
Cisco is good because anybody with an ADSL, Cable, Serial, VDSL, o
Huh Cisco? Why? I have OpenBSD. It's better and of course a much more cheaper
:-) BTW I can't change isp's switch as it's locked downstairs for whole block
of flats ;-) (ok, I can't chage it legally :-D)
--
This message posted from opensolaris.org
___
Tomas Bodzar wrote:
Yes, just another protection of perimeter. Even at home with cable connection I
can see a lot of attempts to break to my computers on log device for pf(4)
either from remote countries like China, Bulgaria and similar or even from
neighbours around me. And yes, there is a fi
Yes, just another protection of perimeter. Even at home with cable connection I
can see a lot of attempts to break to my computers on log device for pf(4)
either from remote countries like China, Bulgaria and similar or even from
neighbours around me. And yes, there is a firewall on cable router
On 01/16/10 10:30 AM, Jaideep Das wrote:
I have no server running on my system which requires access to internet. So it
should be save to disable all outgoing data. But for bittorrent do i need to
open some ports.
If you have vpanels-firewall package installed, bring up the firewall
panel an
I can barely understand an admin set at the routed line service. Cell to cell
features (my association of Verizon) have to track and bill the live time with
little regard to a content or bandwidth. Your addition firewall on the routed
line is another filter block right ??
--
This message posted
Yea, could belike this horrible c.r.a.p. from Verizon and many other
unqualified vendors
http://www.darkreading.com/vulnerability_management/security/perimeter/showArticle.jhtml?articleID=00541&cid=nl_DR_WEEKLY_2010-01-07_h
That's why I use own firewall even on laptop or desktop. This is
Following is the content of my /etc/ipf/ipf.conf:
# route add inet6 fe80::21e:ecff:fe64:1330/10 localhost 0
block in log quick from any to any with ipopts
block in log quick proto tcp from any to any with short
pass out on bge0 all head 150
block out from 127.0.0.0/8 to any group 150
block out
Following is the output of the command
svcs -a | grep ipf:
online 23:40:33 svc:/network/ipfilter:default
I have no server running on my system which requires access to internet. So it
should be save to disable all outgoing data. But for bittorrent do i need to
open some ports.
--
This
On 01/14/10 03:44, Jaideep Das wrote:
i have install vpanel-firewall on my laptop. I want to know how to enable a
basic firewall on my laptop. Or is there a firewall running already.
OpenSolaris comes with ipfilter, though it isn't enabled unless you
explicitly enable it. Since you have t
Jaideep,
What is the output you get when you open up a command prompt terminal and type
in this command:
svcs -a | grep ipf
?
--
This message posted from opensolaris.org
___
opensolaris-help mailing list
opensolaris-help@opensolaris.org
But if this basic home user is routed off a separate dsl modem input device at
cat 5 direct or even a wireless home IP their could be another firewall right ??
--
This message posted from opensolaris.org
___
opensolaris-help mailing list
opensolaris-hel
You have a lot of man pages on your system so start with 'man ipf'. You can
find a lot of info in /usr/share/ipfilter/examples
If you don't know if your firewall is running or not then you probably don't
know about SMF so 'man smf' and at least 'man svcs'.
And Internet is working at least here
i have install vpanel-firewall on my laptop. I want to know how to enable a
basic firewall on my laptop. Or is there a firewall running already.
--
This message posted from opensolaris.org
___
opensolaris-help mailing list
opensolaris-help@opensolaris.o
21 matches
Mail list logo