I do not think you need to install a newer version. Does an ipfstat -i and ipfstat -o show the new rules that you have added? You may be running into a bug that I filed, "svcadm disable ipfilter does not flush firewall rules". To get around this after you do a svcadm disable ipfilter then do a ipf -Fa to flush all the firewall rules then do a svcadm enable ipfilter to put the new rules into place. Let me know if this helps any.
On 6/17/07, abu <[EMAIL PROTECTED]> wrote:
yes i did restart my ipf soon after i added the rules.how i restart my ipf?i use this command to to stop and start my ipf "svcadm disable ipfilter" and "svcadm enable ipfilter". how i know my ipf rules not working? because if my ipf working properly it shoud block my telnet port.to stop telnet service is easy but how to block from WAN?so should i install the new version of ipf or is there any way to make it work? This message posted from opensolaris.org _______________________________________________ opensolaris-help mailing list [email protected]
_______________________________________________ opensolaris-help mailing list [email protected]
