Hi, Thanks a lot Michael and Doe, I probed all that you write me but don't work. I view in /var/adm/messages when I executed svcadm restart network/pfil a similar messages how follow: ipfilter: pfil not configured for firewall/NAT operation.
The command ifconfig eri0 modlist show 0 arp 1 ip 2 eri I used: ifconfig eri0 modinsert [EMAIL PROTECTED] and neither work What's about pfil?, what is my error? Regards and Thanks. Dario. Michael Lim wrote: > Dario- > > With Solaris 10, you get both the pfil and ipfilter smf services. > > By default, pfil is enabled and ipfilter is disabled. > > faber% svcs pfil ipfilter > STATE STIME FMRI > disabled Apr_15 svc:/network/ipfilter:default > online Apr_15 svc:/network/pfil:default > > After installation, you need to do the following... > > 1- edit /etc/ipf/pfil.ap by uncommenting the appropriate > network interfaces > > 2- add rules to /etc/ipf/ipf.conf > > 3- enable the ipfilter smf service with > #svcadm enable ipfilter > > 4- reboot (or unplumb and plumb each of the interfaces) > > It looks like you did 1 and 2 but may need to do 3 and/or 4. > > > -Mike > > > Dario Leon Zambrano wrote: > >>Hi, >>Thanks a lot for you answer, I am using ipfilter on blade 100 with >>Solaris 10, with 2 nics: eri0 for local network (10.10.0.0) and hme0 for >>wan too with dhcp address. >> >>I add line for eri0 and hme0 too and I used svcadm restart >>/network/pfil, but That don't work. >> >>After I probed block interface eri0 only, but That don't work either. >> >> >>Regards and thanks beforehands, >> >>Dario. >> >> >> >> >>jdh13 wrote: >> >> >>>Dario Leon Zambrano wrote: >>> >>> >>> >>>>Hi, >>>>I can't activate ipfilter in a machine with Solaris 10, The machine has >>>>two interface and one interface has dhcp, Why don't work?. >>>> >>>>Can anybody help me? >>>> >>> >>>perhaps, if you give more information about your config >>>i'm using ipfilter at home, on a blade 100 solaris 10 GA, with 2 nics: >>>eri0 for local network (192.168.0.0) >>>rf0 for wan (ip given by cable modem) >>> >>>in pfil.ap, i add line gor eri0 and rf0 >>> >>> >>> >>> >>>>The rule is block in all in /etc/ipf/ipf.conf. >>>> >>>>Regards and thanks beforehands, >>>> >>>>Dario. >>>> >>>> >>>> >> >> >> >
