[OpenIndiana-discuss] How to tell nwam to use the firewall rules in /etc/ipf/ipf.conf ?

[Marc Lobelle]

Hello,

I defined firewall rules for ipfilter in /etc/ipf/ipf.conf.

However, I use nwam and, at boot time, nwam wipes out all firewall rules 
and imposes its own: block everything excpt dhcp in the NoNet situation 
and no rules at all when a network interface is active.

The NoNet rules can be replaced by my own rules by copying 
/etc/ipf/ipf.conf in /etc/nwam/loc/NoNet/ipf.conf, but this is useless 
because it is replaced by nothing at all when a network interface is 
activated. Therefore I removed this change.

I tried to add to /etc/nwam/loc/create_loc_auto a line "set 
ipfilter-config-file=/etc/ipf/ipf.conf" similar to the line in 
create_loc_NoNet: "set ipfilter-config-file=/etc/nwam/loc/NoNet/ipf.conf"

But this does not change the behaviour.

How can I tell nwam to use ipf.conf ?

Thanks for your help.

Marc

Below is part of the list of files including nwam in their name

ml at mosquito:/etc/nwam# locate nwam|more
/etc/nwam
/etc/gconf/schemas/nwam-manager.schemas
/etc/nwam/loc
/etc/nwam/loc.conf
/etc/nwam/ncp-Automatic.conf
/etc/nwam/loc/Legacy
/etc/nwam/loc/NoNet
/etc/nwam/loc/User
/etc/nwam/loc/create_loc_auto
/etc/nwam/loc/create_loc_nonet
/etc/nwam/loc/Legacy/nsswitch.conf
/etc/nwam/loc/Legacy/resolv.conf
/etc/nwam/loc/NoNet/ipf.conf
/etc/nwam/loc/NoNet/ipf.conf.dfl
/etc/nwam/loc/NoNet/ipf6.conf
/etc/nwam/loc/NoNet/ipf6.conf.dfl
/etc/nwam/loc/User/nsswitch.conf
/lib/libnwam.so
/lib/libnwam.so.1
/lib/inet/nwamd
*/lib/svc/method/net-nwam*
/usr/bin/nwam-manager-properties
/usr/include/libnwam.h
/usr/lib/nwam-manager
/usr/lib/nwam-manager-properties
/usr/sbin/nwamadm
/usr/sbin/nwamcfg
/usr/share/nwam-manager
/usr/share/applications/nwam-network.desktop
/usr/share/gnome/help/nwam-manager