The answer to myself the question maybe someone else useful If you are using ippool in the Global Zone
1) All manipulations with pools after boot completely - made standard (svcadm disable/enable/restart ipfilter) 2) Ie if you add the address is added to the two locations: /etc/ipf/ippool.conf - then restart ipfiter for work now /opt/custom/path/to/firewall - that remained after the system restart 2016-09-25 23:01 GMT+03:00 Tiraen <[email protected]>: > For example: > 1) I have a couple of servers, with smartos where firewall (ipfilter) > works in the Global Zone which is loaded from script in the /opt/custom/smf > (Features data centers, unfortunately) > 2) Yes, I am creating a certain pool of IP addresses by > /etc/ipf/ippool.conf and it is loaded into memory at boot time, as I > understand it > 3) Physically, the table looks like this. > > [root@dbback ~]# ippool -l > table role = ipf type = tree number = 20 > { IP/32; IP1/32; IP2/32; etc }; > > 4) Further, if there is a need to add one more address in the pool, In > the "restart script firewall" happen pool cleaning > > /usr/sbin/ippool -F > > But, when i try execute this: > > The pool is the filled. It helps in this case only a reboot > > So I want to understand is that I'm doing something wrong. or is it a > feature > > > > > 2016-09-25 22:36 GMT+03:00 Joshua M. Clulow <[email protected]>: > >> On 25 September 2016 at 08:06, Tiraen <[email protected]> wrote: >> > Good day, perhaps somewhere it was, but still ask >> > I understand correctly, that after a full system boot in the Global >> zone does not work like commands >> > >> > ippoll -F >> > >> > Ie the only way to rebuild the pool - just reboot host mashine. >> >> I'm sorry, but I don't quite follow the question. Are you trying to >> use the "pools" functionality of IP Filter? Is it not working for you >> in the way that you would expect? What exact commands are you >> running, and what output do you get? >> >> Cheers. >> >> -- >> Joshua M. Clulow >> UNIX Admin/Developer >> http://blog.sysmgr.org >> > > > > -- > With best regards, > > Vyacheslav Yakushev, > > Unix system administrator > -- With best regards, Vyacheslav Yakushev, Unix system administrator ------------------------------------------- smartos-discuss Archives: https://www.listbox.com/member/archive/184463/=now RSS Feed: https://www.listbox.com/member/archive/rss/184463/25769125-55cfbc00 Modify Your Subscription: https://www.listbox.com/member/?member_id=25769125&id_secret=25769125-7688e9fb Powered by Listbox: http://www.listbox.com
