Jerry K wrote:
Is IP filter even running?
svcs -l ipfilter
In your email, you state that you have moved. Did you re-ip? Are you
using network port other than the bge0 interface from your email below?
There really isn't enough detail about how the current server is
configured to determine the actual source of the problem, but I can
tell you from you ipfstat command below, that if ipfilter is running,
it isn't doing anything.
Jerry
Hello,
Sorry for not making clear in my first post and late respond (had to do
some family time). We moved the server from DC but kept the same
range/IPs on the servers. They have multiple IPs (about 20) since every
vhost on the server required their own IP address. It is using the bge0
(see output below):
# ifconfig -a
lo0: flags=2001000849<UP,LOOPBACK,RUNNING,MULTICAST,IPv4,VIRTUAL> mtu
8232 index 1
inet 127.0.0.1 netmask ff000000
bge0: flags=1000843<UP,BROADCAST,RUNNING,MULTICAST,IPv4> mtu 1500 index 2
inet xxx.xxx.xxx.30 netmask ffffff00 broadcast xxx.xxx.xxx.255
bge0:62: flags=1000843<UP,BROADCAST,RUNNING,MULTICAST,IPv4> mtu 1500 index 2
inet xxx.xxx.xxx.62 netmask ffffff00 broadcast xxx.xxx.xxx.255
For as the running ipfilter, it seems online. And it seems to read the
/etc/ipf/ipf.conf config file.
# svcs -l ipfilter
fmri svc:/network/ipfilter:default
name IP Filter
enabled true
state online
next_state none
state_time Tue Nov 25 15:29:37 2009
alt_logfile /etc/svc/volatile/network-ipfilter:default.log
restarter svc:/system/svc/restarter:default
dependency require_all/restart file://localhost/etc/ipf/ipf.conf (online)
dependency require_all/none svc:/system/filesystem/usr (online)
dependency require_all/restart svc:/network/pfil (online)
dependency require_all/restart svc:/network/physical (online)
dependency require_all/restart svc:/system/identity:node (online)
Or am I reading the output wrong?
- Rene
_______________________________________________
Solaris-Users mailing list
[email protected]
http://www.filibeto.org/mailman/listinfo/solaris-users
