I have just updated (fresh install) from Solaris 10 U7 to U8 on sparc. After 
reloading ipfilter with /lib/svc/method/ipfilter reload I received the 
following error message:-

14:ioctl(add/insert nat rule): Invalid argument

I believe I have narrowed this error message down to the redirection rule in 
/etc/ipf/ipnat.conf; the map rules are fine.
An ipnat -l also shows the redirect rule is missing.

Below is the content of /etc/ipf/ipnat.conf. The rules have been generated by 
fwbuilder (ver 2.0.12 from blastwave).
The same rdr rule works fine on Solaris 10 U7. Has the rdr syntax changed, or is 
this invalid syntax?
If I change the rdr rule to  
rdr dmfe1 XX.YY.54.12/32 port 2055 -> 10.90.2.94 port 2055 udp   
there is no error message.


----/etc/ipf/ipnat.conf-----------------------------------------------------------------
# Rule  0 (NAT)
#
#
map dmfe1 from 10.90.2.0/24 to any -> XX.YY.54.12/32   portmap tcp/udp auto
map dmfe1 from 10.90.2.0/24 to any -> XX.YY.54.12/32
#
# Rule  1 (NAT)
#
#
rdr dmfe1 from XX.YY.54.14/32 to XX.YY.54.12/32 port = 2055 -> 10.90.2.94 port 2055 udp
----/etc/ipf/ipnat.conf-----------------------------------------------------------------


Many thanks 

James



bash-3.00# ipf -V
ipf: IP Filter: v4.1.9 (592)
Kernel: IP Filter: v4.1.9               
Running: yes
Log Flags: 0 = none set
Default: pass all, Logging: available
Active list: 0
Feature mask: 0x107



bash-3.00# ifconfig -a
lo0: flags=2001000849<UP,LOOPBACK,RUNNING,MULTICAST,IPv4,VIRTUAL> mtu 8232 index 1
        inet 127.0.0.1 netmask ff000000 
dmfe0: flags=1100843<UP,BROADCAST,RUNNING,MULTICAST,ROUTER,IPv4> mtu 1500 index 2
        inet 10.90.2.6 netmask ffffff00 broadcast 10.90.2.255
        ether 0:3:ba:2a:9a:38 
dmfe1: flags=1100843<UP,BROADCAST,RUNNING,MULTICAST,ROUTER,IPv4> mtu 1500 index 3
        inet XX.YY.54.12 netmask fffffff8 broadcast XX.YY.54.15
        ether 0:3:ba:2a:9a:39
-- 
This message posted from opensolaris.org
_______________________________________________
networking-discuss mailing list
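
A small checker for the pattern reported in the post above, added here as an example and not part of the original message or of IP Filter: it lists rdr rules in an ipnat.conf written in the `from ... to` form (the form the poster saw rejected) and shows which source match the simple-form rewrite drops. The function name, the finding fields and the sample text are constructed for illustration; only the narrow `from <src> to <dst> [port = N]` shape is parsed.

```python
import re

# Constructed sample: the rules quoted in the post (wrapped rdr line joined),
# plus the simple-form rule the poster reports as loading without error.
SAMPLE_CONF = """\
# Rule  0 (NAT)
map dmfe1 from 10.90.2.0/24 to any -> XX.YY.54.12/32   portmap tcp/udp auto
map dmfe1 from 10.90.2.0/24 to any -> XX.YY.54.12/32
# Rule  1 (NAT)
rdr dmfe1 from XX.YY.54.14/32 to XX.YY.54.12/32 port = 2055 -> 10.90.2.94 port 2055 udp
rdr dmfe1 XX.YY.54.12/32 port 2055 -> 10.90.2.94 port 2055 udp
"""

# rdr <ifname> from <src> to <dst> [port = N] -> <target ...>
RDR_FROM_TO = re.compile(
    r"^rdr\s+(?P<ifname>\S+)\s+from\s+(?P<src>\S+)\s+to\s+(?P<dst>\S+)"
    r"(?:\s+port\s*=\s*(?P<port>\S+))?\s*->\s*(?P<target>.+)$"
)

def audit_rdr_rules(conf_text):
    """Return one finding per rdr rule written in the 'from ... to' form."""
    findings = []
    for lineno, raw in enumerate(conf_text.splitlines(), start=1):
        line = raw.split("#", 1)[0].strip()        # drop comments and blanks
        tokens = line.split()
        if len(tokens) < 3 or tokens[0] != "rdr" or tokens[2] != "from":
            continue                               # map rule or simple-form rdr
        finding = {"line": lineno, "rule": line,
                   "simple_form": None, "source_restriction_lost": None}
        m = RDR_FROM_TO.match(line)
        if m:                                      # shape this sketch understands
            port = f" port {m['port']}" if m["port"] else ""
            target = " ".join(m["target"].split())
            finding["simple_form"] = f"rdr {m['ifname']} {m['dst']}{port} -> {target}"
            # The simple form carries no source match, so this restriction
            # disappears from the NAT rule when it is rewritten.
            if m["src"] != "any":
                finding["source_restriction_lost"] = m["src"]
        findings.append(finding)                   # unparsed shapes still reported
    return findings

if __name__ == "__main__":
    for f in audit_rdr_rules(SAMPLE_CONF):
        print(f"line {f['line']}: {f['rule']}")
        print(f"  simple form            : {f['simple_form']}")
        print(f"  source match it drops  : {f['source_restriction_lost']}")
```

The rewrite that loads cleanly no longer limits the redirect to XX.YY.54.14/32, so that restriction has to be enforced in the packet filter rules if it still matters.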