On 10/15/09 15:25, Jeff Victor wrote:
> I would like to set up a zone to be a router - and nothing else - in a
> virtual network that is using crossbow on OpenSolaris 2009.06. I am
> trying to create a list of all of the necessary commands.
>
> Assume that:
> * the zone will have two VNICs: one going to the outside world via a
> NIC, and one going to an internal switch to which other zones are
> connected
> * the zone and its VNICs have been created
> * I want to disable all unnecessary services to harden the router-zone
>
> What commands do I need in the zone to persistently enable routing? So
> far I have:
>
> router-zone# svcadm enable svc:/network/ipv4-forwarding
>
> Also, what services can I disable?
try netservices limited inside the zone to disable all network services,
except sshd.
Kais
>
> TIA,
> --JeffV
>
> _______________________________________________
> crossbow-discuss mailing list
> crossbow-discuss at opensolaris.org
> http://mail.opensolaris.org/mailman/listinfo/crossbow-discuss
>
