[prev in list] [next in list] [prev in thread] [next in thread] 

List:       ipfilter
Subject:    Re: What happens if IP Filter fails?
From:       Blaster <Blaster () 556nato ! com>
Date:       2010-09-25 12:49:12
Message-ID: 18883_1285419540_4C9DF214_18883_19455_1_4C9DEFC8.2050904 () 556nato ! com
[Download RAW message or body]

  IPFilter doesn't "fail".  It's not a process that can die.  It's a 
kernel module.  If it "dies" the system panics and you have no Solaris.

I've been using IPFilter for 15 years, it's never "failed".


On 9/24/2010 10:51 AM, J. Joseph Felten wrote:
> Sorry if this is obvious to IP Filter veterans.  I searched the FAQ
> and Solaris IP Filter documentation and the mailing list etc. etc. and
> have not found an answer.
>
> I've created a very simple IP Filter rules set on Solaris 10 to block
> access to a particular port from particular IP addresses.  This works
> well but what happens if IP Filter fails in some way (perhaps putting
> the service in to a maintenance state)?  Isn't the kernel module's
> default to pass all?


[prev in list] [next in list] [prev in thread] [next in thread]