Solaris / OpenSolaris
This forum is for the discussion of Solaris, OpenSolaris, OpenIndiana, and illumos.
General Sun, SunOS and Sparc related questions also go here. Any Solaris fork or distribution is welcome.
I need to enable firewall on Solaris. If I put only this in /etc/ipf/ipf.conf:
Code:
#
# ipf.conf
#
# IP Filter rules to be loaded during startup
#
# See ipf(4) manpage for more information on
# IP Filter rules syntax.
block in log quick from 1.2.3.0/24 to any
Will it only block the given subnet and nothing else?
(Is the default action allow?)
Thanks.
Hadn't Solaris changed to PF instead of IPF? If PF is available for the version you have, that might be preferable for several reasons, including that more people are familiar with it.
If I read correctly PF was introduced in 11.3, but it would be an older version of PF. Are there manual pages present for each of the device driver pf(4), the pf.conf(5) configuration, and the pfctl(8) utility?
I need to enable firewall on Solaris. If I put only this in /etc/ipf/ipf.conf:
(is the default action allow?)
It is a rule-based firewall. There is no "default" action other than the rules you make for it.
pf was available when I used Solaris but it was not the standard yet. I've been using it on FreeBSD since 2005 and have posted my ruleset in that forum and the BSD forum next door.
I love you all equally as much:
Code:
### Macro name for external interface
ext_if = "em0"
netbios_tcp = "{ 22, 23, 25, 80, 110, 111, 123, 512, 513, 514, 515, 6000, 6010 }"
netbios_udp = "{ 123, 512, 513, 514, 515, 5353, 6000, 6010 }"
### Reassemble fragmented packets
scrub in on $ext_if all fragment reassemble
### Default deny everything
block log all
### Pass loopback
set skip on lo0
### Block spooks
antispoof for lo0
antispoof for $ext_if inet
block in from no-route to any
block in from urpf-failed to any
block in quick on $ext_if from any to 255.255.255.255
block in quick log on $ext_if from { 10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16, 255.255.255.255/32 } to any
### Block all IPv6
block in quick inet6 all
block out quick inet6 all
### Block to and from port 0
block quick proto { tcp, udp } from any port = 0 to any
block quick proto { tcp, udp } from any to any port = 0
### Block specific ports
block in quick log on $ext_if proto tcp from any to any port $netbios_tcp
block in quick log on $ext_if proto udp from any to any port $netbios_udp
### Keep and modulate state of outbound tcp, udp and icmp traffic
pass out on $ext_if proto { tcp, udp, icmp } from any to any modulate state
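To make the rule-matching question in this thread concrete, here is an added example (not code from any poster, and not part of IP Filter) that models how an ipf.conf ruleset reaches a verdict for an inbound packet: the last matching rule wins unless a matching rule carries `quick`. It parses only the small syntax subset seen above, and it assumes the implicit pass for unmatched packets that a stock IP Filter build applies; the 192.0.2.0/24 admin subnet and the sample addresses are constructed.

```python
import ipaddress

def parse_rule(line):
    """Parse the small ipf.conf subset used in this thread (inbound rules only)."""
    tok = line.split()
    if tok[0] not in ("block", "pass"):
        raise ValueError("unsupported action: " + tok[0])
    rule = {"action": tok[0], "quick": "quick" in tok, "src": None}
    if "from" in tok:
        src = tok[tok.index("from") + 1]
        if src != "any":
            rule["src"] = ipaddress.ip_network(src)
    return rule  # src None means "all" / "from any"

def load(text):
    """Strip comments and blank lines, then parse each remaining rule."""
    lines = (l.split("#", 1)[0].strip() for l in text.splitlines())
    return [parse_rule(l) for l in lines if l]

def evaluate(rules, src_ip, default="pass"):
    """Last matching rule wins; a matching 'quick' rule ends evaluation.
    'default' is the assumed verdict when no rule matches at all."""
    addr = ipaddress.ip_address(src_ip)
    verdict = default
    for r in rules:
        if r["src"] is not None and addr not in r["src"]:
            continue
        verdict = r["action"]
        if r["quick"]:
            break
    return verdict

# Constructed rulesets: the single rule from the question, and a default-deny variant.
ONLY_BLOCK = """
# ipf.conf containing nothing but the rule from the question
block in log quick from 1.2.3.0/24 to any
"""
DEFAULT_DENY = """
block in log all                            # explicit default deny
block in log quick from 1.2.3.0/24 to any
pass in from 192.0.2.0/24 to any            # constructed admin subnet
"""

if __name__ == "__main__":
    for name, text in (("only-block", ONLY_BLOCK), ("default-deny", DEFAULT_DENY)):
        rules = load(text)
        for ip in ("1.2.3.77", "192.0.2.10", "198.51.100.9"):
            print(name, ip, evaluate(rules, ip))
```

With only the single block rule loaded, every source outside 1.2.3.0/24 falls through to the implicit pass, so a ruleset meant to restrict access needs an explicit `block in all` ahead of its pass rules.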
Solaris IPF (Internet Protocol Filter) is a firewall technology used in the Solaris operating system. It provides network-level filtering and packet processing capabilities, allowing administrators to define rules and policies for network traffic control and security. With Solaris IPF, administrators can implement fine-grained control over incoming and outgoing network connections based on various criteria such as source/destination IP addresses, port numbers, protocols, and more. IPF offers flexibility and robustness in securing network communications and mitigating potential security risks. It is a powerful tool for managing network traffic and enforcing security measures on Solaris-based systems, helping to protect against unauthorized access and potential threats.
Thanks for copy/pasting a description to a two-year-old closed thread. Reported.