[prev in list] [next in list] [prev in thread] [next in thread] 

List:       ipfilter
Subject:    Re: IPFilter breaks CDE?
From:       "Stuart Remphrey" <stuart.remphrey () rmit ! edu ! au>
Date:       2006-10-01 10:38:18
Message-ID: 4520273B0200004D00017790 () its-gw-inet57 ! its ! rmit ! edu ! au
[Download RAW message or body]

Sean,

Odd, since if it's local traffic it should be via lo0,
which on Solaris isn't even filtered by pfil; the IP stack
short circuits the packet flow as a performance optimisation,
in fact the STREAMS module doesn't even get loaded.

Something stuffing up tooltalk perhaps (ttsession et al)?

Guess you could try "ifconfig -a modlist", check for pfil,
try modinsert pfil@2 and/or modremove'ing it and seeing
how the behaviour changes (or whether it does).

We run Solaris 9 and 10, with IP Filter (few versions, 4.1.8
I think is latest), but haven't seen this problem...

Rgds, Stuart.


>>> "Sean Caron" <caron.sean@gmail.com> 30/09/06 7:27 AM >>>
On further evaluation, it looks like it might be an issue with "pfil".
When I remove the rc scripts that start both pfil and ipf from /etc
and move the modules out of their respective directories (/kernel,
/usr/kernel), the system starts working normally again. When I just
enable pfil -- copy back only those rc scripts and kernel module --
the behaviour starts again.

Has anyone seen this before?

Or -- is anyone aware of a binary package for pfil? I have found
binary packages for ipf -- is this included? I don't recall at the
moment and the system is at my office.. but I am pretty sure I
remember having to install my own pfil with the binary ipf package
that I used, and if my pfil is bad after all, then I probably need to
start there.

Thanks again,

Sean

[prev in list] [next in list] [prev in thread] [next in thread]