Andrey wrote:
I'm unable to configure ipfilter using /etc/system.
dmesg
...
genunix: [ID 492708 kern.notice] sorry, variable 'fr_tcphalfclosed' is not
defined in the 'ipf'
genunix: [ID 966847 kern.notice] module
genunix: [ID 100000 kern.notice]
ipf: [ID 774698 kern.info] IP Filter: v4.1.9, running....
Past build 56 you need to use the ipf command to set the IP Filter
tunables. For instance invoke this
ipf -T fr_tcphalfclosed=1200
That change was necessary so that IP Filter could be virtualized. Each
exclusive-IP zone can now have its own IP Filter rules, states, tunables
etc.
Erik
tail /etc/system
[EMAIL PROTECTED]
* To set variables in 'unix':
*
* set nautopush=32
* set maxusers=40
*
* To set a variable named 'debug' in the module named 'test_module'
*
* set test_module:debug = 0x13
set ipf:fr_tcphalfclosed = 1200
ipf -T list | grep fr_tcphalfclosed
fr_tcphalfclosed min 0x1 max 0x7fffffff current 14400
This message posted from opensolaris.org
_______________________________________________
networking-discuss mailing list
[email protected]
_______________________________________________
networking-discuss mailing list
[email protected]
