SUMMARY: ipfilter on solaris 9 block USB keyboard and second NIC
Question: Is it because of a second NIC? I enjoy tips ...
Hi all,
after the discussion warmed up last week, i decided to reinstall
IP Filter again. IP FILTER was instaled on a SunBlade Solaris 9 box.
The machine was running quite fine already for ca 2 weeks.
Ca. 1-2 hours after the IP FILTER instalation running
pass in all/pass out all the USB keyboard hung up again.
Now my observations:
The machine hast 2 ethernet interfaces, i just inserted pfil in
the modlist of the main interface, eri0, but ifconfig -a modlist
showed me that pfil was also in modlist of hme0 (second interface).
The second interface controls an instrument and serves TFTP
and local IP/hostnames. At first i just configured the firewall for
a single host machine (only for eri0). Could it then be the reason why
IP FILTER blocks the keyboard?
The secound interface was appearently also blocked, but the main one
(eri0), not.
Below is the procedure i used to install ipfilter:
1) download/unpack pfil and ip_fil4.1.22 to the same directory.
2) cd pfil && make && make install
3) cd ../../ip_fil4.1.22 && make solaris
4) cd cd SunOS5 && make package
5) ifconfig eri0 modinsert [EMAIL PROTECTED]
6) vi /etc/opt/ipf/ipf.conf
pass out log first quick on eri0 all
pass in log first quick on eri0 all
7) /etc/rc2.d/S65ipfboot start
And here the oririgal Email:
Hello,
for the second time, in a different machine, i observe IP FILTER blocking
the keyboard. I have a Solaris 9 on a SunBlade 100 with USB keyboard
and IPFILTER 4.1.22 with pfil 2.1.12. I load the IPF rules and keep on
working normally. On the next day the machine has a normal network
behaviour and the mouse answers, but the USB keyboard is blocked and
i have to reboot to bring to normal behaviour, despite the same IPF rules
are loaded at boot time. Thus it happens with time (???)
