Darren J Moffat wrote: > Darren.Reed at Sun.COM wrote: > >> For IPFilter, once pfil dies we should be planning to move it >> before network/physical (this depedency will disappear) but >> still after system/identity. > > > Why does IPfilter care about the nodename of the system ? You can't > filter on it since it often doesn't match any thing that resolves to > an IP address.
I've never encountered a scenario where the nodename of a system isn't in /etc/hosts. Furthermore, it does support using an special alias ("<thishost>") that causes ipf to resolve the nodename of a box into an IP address. The purpose of that is for jumpstart'd generic configs. Darren