[oi-dev] Problem With Zone Networking
Jim Klimov
jimklimov at cos.ru
Mon Oct 15 13:02:04 UTC 2012
2012-10-15 8:08, Nick Zivkovic пишет:
> Changing the host and ipnodes lines in nsswitch.conf to "files dns",
> does solve the name resolution problem from within a zone.
>
> Thanks!
>
> Unfortunately, ipfilter still gets disabled. `svcs -xv` states that
> ipfilter was temporarily disabled by the administrator.
>
> I am the only administrator on the box, and I did not disable it. So
> clearly something else is doing something behind my back...
>
> The log file (network-ipfilter:default.log) says: "stopping because
> dependency activity requires stop".
>
> I have no idea how to interpret this message.
As a wild guess, do you use static networking config or NWAM?
I haven't used the latter, but from what I've heard, it can
influence ipfilter by applying various firewall profiles to
various networks it thinks it finds itself attached to. So it
might disable firewall (and NAT) while it is detecting the
network and whether it matches some known profile.
//Jim
More information about the oi-dev
mailing list