[OpenIndiana-discuss] Ipfilter activation

[cpforum]

By défault with a nwam/dhcp config, ipfilter do nothing even if you lauch ipfilter

with svcadm enable ipfilter because 

 

svccfg -s ipfilter:default listprop | grep firewall_config_default/policy
firewall_config_default/policy                astring  none



To activate you have to do :

 

# svccfg -s ipfilter:default setprop firewall_config_default/policy = astring: "custom"



and 

 

# svccfg -s ipfilter:default setprop firewall_config_default/custom_policy_file = astring: "/etc/ipf/ipf.conf"

# svcadm refresh ipfilter:default



 

The problem is that every time you reboot or restart nwam, firewall_config_default/custom_policy_file is changed

 

svccfg -s ipfilter:default listprop | grep custom_policy_file
firewall_config_default/custom_policy_file_6  astring  /etc/ipf/ipf6.conf
firewall_config_default/custom_policy_file    astring  /etc/nwam/loc/NoNet/ipf.conf   <<<<



 

which way to have a stable config (keeping nwam and dhcp) ?