ipfilter Solaris 10


I have started to replace a old SS10(which I set up a long time ago) as our company firewall using ipfilter v3.4.30 to a "new" Ultra 5 and Solaris 10.

After moved the ipf.conf and ipnat.conf from the old box to the new and enabled ipfil and ipfilter but I can't ssh from Internet to our Intranet using ssh!

My first qustion is if ip_forwarding is not needed in S10 and the supplied ipfilter?

I also remember a /etc/notrouter but.. that is not present on my old box either so my memory is maybe fading.



Relevant Pages

  • Solaris 10 ipfilter on sshd across a virtual interface (eri0:1)
    ... I would like to drop all but ssh on the virtual interface eri0:1. ... Eri0:1 is a zone on the server. ... Perhaps ipfilter doesn't allow filtering across virtual zones? ... pass out quick proto tcp all flags S/SA keep state group 150 ...
  • Strange problem of ipfilter
    ... I got strange problem ipfilter on FreeBSD 6.2-STABLE. ... machine running 7 days until 10 days, I can't access DNS, sometime ... SSH, and etc, to my box, but this happen randomly. ...
  • ssh and ipfilter
    ... I've got a freebsd box acting as a router/nat gateway using ipfilter. ... I've got a box behind it to which i want all external ssh ...
  • Re: solaris router/firewall
    ... >>I have an ultra 5 with two ethernet interfaces. ... >>connection I would like to use the server as firewall. ... > a SPARCstation running Solaris 7 and ipfilter. ... Yup only on an Ultra 60, Solaris 9, ipfilter, cable modem, as per Rich's ...