Dario- With Solaris 10, you get both the pfil and ipfilter smf services.
By default, pfil is enabled and ipfilter is disabled. faber% svcs pfil ipfilter STATE STIME FMRI disabled Apr_15 svc:/network/ipfilter:default online Apr_15 svc:/network/pfil:default After installation, you need to do the following... 1- edit /etc/ipf/pfil.ap by uncommenting the appropriate network interfaces 2- add rules to /etc/ipf/ipf.conf 3- enable the ipfilter smf service with #svcadm enable ipfilter 4- reboot (or unplumb and plumb each of the interfaces) It looks like you did 1 and 2 but may need to do 3 and/or 4. -Mike Dario Leon Zambrano wrote: > Hi, > Thanks a lot for you answer, I am using ipfilter on blade 100 with > Solaris 10, with 2 nics: eri0 for local network (10.10.0.0) and hme0 for > wan too with dhcp address. > > I add line for eri0 and hme0 too and I used svcadm restart > /network/pfil, but That don't work. > > After I probed block interface eri0 only, but That don't work either. > > > Regards and thanks beforehands, > > Dario. > > > > > jdh13 wrote: > >>Dario Leon Zambrano wrote: >> >> >>>Hi, >>>I can't activate ipfilter in a machine with Solaris 10, The machine has >>>two interface and one interface has dhcp, Why don't work?. >>> >>>Can anybody help me? >>> >> >>perhaps, if you give more information about your config >>i'm using ipfilter at home, on a blade 100 solaris 10 GA, with 2 nics: >>eri0 for local network (192.168.0.0) >>rf0 for wan (ip given by cable modem) >> >>in pfil.ap, i add line gor eri0 and rf0 >> >> >> >>>The rule is block in all in /etc/ipf/ipf.conf. >>> >>>Regards and thanks beforehands, >>> >>>Dario. >>> >>> >>> > > >
