Peter beat me to the punch, but to put one detail a bit more succinctly: If the Sophos Firewall UTM depends on things like iptables functionality from the Linux kernel then it will not work with the LX brand at all. Sadly, I suspect very strongly that it does depend on iptables.
-Nahum On Mon, Jan 16, 2017 at 12:24 PM, Peter Kelm <[email protected]> wrote: > Mat, > > You’d be (more or less) limited to a KVM zone if all you have is an ISO of > an appliance. In a nutshell an LX zone is a native zone („Solaris“) using a > Linux compatibility layer. It is not a full Linux OS, does not run its own > kernel… > > Theoretically you could build an LX zone that mimics the setup of that > Sophos appliance. > 1) Determine what distribution (and specific version) the Sophos appliance > is based on. Then start out with an LX dataset of the same distribution (on > SmartOS). > 2) „Diff“ the filesystems and replicate all changes (install packages, > edit config files,…) on that LX zone/machine. > > I looked at this a while ago for an AV appliance but found that it is too > cumbersome and completely unsupported anyway. Fortunately our AV vendor > also offered an RPM install in addition to the appliance ISO. So I spun up > an Ubuntu LX zone using the Joyent provided dataset and installed those > RPMs per the directions or the AV software supplier… > > Let me know if this makes it clearer. > > Peter > > Am 16.01.2017 um 17:57 schrieb Mat Schreiber via smartos-discuss < > [email protected]>: > > > > Hi, > > sorry if my question is answered somewhere in the Joyent Wikis, but I > found nothing clearly explaining it: > > I want to install the Sophos Firewall UTM in an LX Zone (as I assume LX > Zones to be ways faster than KVM Zones). > So far so good. But I do not know how to create a VM now, as I don't have > an empty Image in imgadm. > I just have instructions from Oracle wiht LX Zones and installation from > CD: > Installing and Booting lx Branded Zones (System Administration Guide: > Oracle Solaris Containers-Resource Management and Oracle Solaris Zones) > <https://docs.oracle.com/cd/E19044-01/sol.containers/817-1592/gdbhu/index.html> > > But I am not sure if it would be possible afterwards getting this thing > again under control of vmadm... > > Or is it like that, that I should take an image (which one wouldn't > matter) and when set up I do an unconfigure to that Zone and install it > again from CD as described in the Oracle Instruction... > What to do best? > > Sorry and thanks, > Mat > > > > > > *smartos-discuss* | Archives > <https://www.listbox.com/member/archive/184463/=now> > <https://www.listbox.com/member/archive/rss/184463/28443469-fb954443> | > Modify > <https://www.listbox.com/member/?&;> > Your Subscription <http://www.listbox.com> > ------------------------------------------- smartos-discuss Archives: https://www.listbox.com/member/archive/184463/=now RSS Feed: https://www.listbox.com/member/archive/rss/184463/25769125-55cfbc00 Modify Your Subscription: https://www.listbox.com/member/?member_id=25769125&id_secret=25769125-7688e9fb Powered by Listbox: http://www.listbox.com
