[OpenIndiana-discuss] ipfilter doesn't read ipf.conf

Wed Feb 29 15:25:10 UTC 2012

svc:/network/ipfilter:default> listprop firewall_config_default
firewall_config_default                      com.sun,fw_configuration
firewall_config_default/apply_to             astring  
firewall_config_default/custom_policy_file   astring  
firewall_config_default/exceptions           astring  
firewall_config_default/open_ports           astring  
firewall_config_default/policy               astring  none
firewall_config_default/value_authorization  astring  solaris.smf.value.firewall.config
firewall_config_default/version              count    1
svc:/network/ipfilter:default> 

Looks like I need to set custom_policy_file to /etc/ipf/ipf.conf.
What I was asking is why this isn't set by default? /etc/ip/ipf.conf has always been the standard config file for ipfilter.

On Feb 28, 2012, at 10:20 PM, Milan Jurik wrote:

> Hi,
> 
> what do you mean by "default settings"? By default there is host-based firewall which is doing automagic and does not parse ipf.conf
> 
> Which properties in group firewall_config_default of SMF service network/ipfilter:default do you have set and how?
> 
> Best regards,
> 
> Milan
> 
> On 29.02.2012 07:01, Anil Jangity wrote:
>> Is this a known issue, should I file a bug?
>> ipfilter doesn't seem to want to read /etc/ipf/ipf.conf file(default
>> settings). Also, has anyone had any problems with sending ipmon logs
>> to syslog on 151a2?
>> 
>> I have:
>> local0.debug                                    /var/log/ipmon.log
>> and then I restarted system-log.
>> 
>> I have some rules that log data, but still not seeing anything in ipmon.log.
>> 
>> Thanks,
>> Anil
>> 
>> _______________________________________________
>> OpenIndiana-discuss mailing list
>> OpenIndiana-discuss at openindiana.org
>> http://openindiana.org/mailman/listinfo/openindiana-discuss
> 
> 
> _______________________________________________
> OpenIndiana-discuss mailing list
> OpenIndiana-discuss at openindiana.org
> http://openindiana.org/mailman/listinfo/openindiana-discuss