Hi list, i want to set up an ipfilter firewall for a system on solaris 10.
The config looks like: - allow all outgoing connections using keep state, - allow a certain list of incoming connections (Using keep state) - block the rest When i load the filter when the machine is running everything is OK. But when the filter is loaded at boottime one of the first packets that gets out of the machine is a UDP broadcast message looking for a NIS server. When the server answers the package is not recognized as part of a connection and thus blocked. It seems keep state works using the remote side information of the 'connection', which changes in this case. Is there a workaround for this (other than knowing the NIS server in advance and adding pass rules for that.) Thanks a lot, tom. -- Tom Ploegmakers, ASML 7H4.005, (+31)40 268 6238 -- panic: can't find / -- The information contained in this communication and any attachments is confidential and may be privileged, and is for the sole use of the intended recipient(s). Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recipient, please notify the sender immediately by replying to this message and destroy all copies of this message and any attachments. ASML is neither liable for the proper and complete transmission of the information contained in this communication, nor for any delay in its receipt.
