03-21-2002
I believe that iptables is Linux only. It's support is built into the kernel...
You could always have a very inexpensive man-in-the-middle Linux box between the Solaris machine and a public network.
I've never used it, but I think Sun has a product called SunScreen...
Anyone here use it?
8 More Discussions You Might Find Interesting
1. UNIX for Dummies Questions & Answers
I have already compiled the kernel and configured it to run as a firewall. My computer has 2 NICs and is on two seperate networks. I can ping both networks from my computer, but workstations on one network can not ping workstations on the other.
What Scripts or commands do I need to install ? (2 Replies)
Discussion started by: Deuce
2 Replies
2. UNIX for Dummies Questions & Answers
Do I HAVE to have a Sun Sparc type keyboard?
Ive got an Ultra Sparc workstation I got from EBAY that was supposted to be working. This box has a PS2 AND Sparc's odd looking keyboard port.
Does my system have a switch in the BIOS simmilar to the x86 "Halt on keyboard error?" ...Or maybe a... (5 Replies)
Discussion started by: Curt
5 Replies
3. UNIX for Dummies Questions & Answers
I am a novice to linux and unix and command line, I am willing to jump in head first. I have a couple older computers, one is a dell XPS with a P2 Proccessor and th other is a old old sony VIAO. I have a small home network 3 computers...i have my DSL modem then thats connected to my wireless... (2 Replies)
Discussion started by: Tabryan07
2 Replies
4. Shell Programming and Scripting
Hello all !
I'm trying to write a shell script (bash) to ftp a file starting with particular name like "Latest_" that is present on a Windows box to UNIX server. Basically I want to set this script in the cron so that daily the new build that is posted on the Windows box can be downloaded to the... (2 Replies)
Discussion started by: vijayb4u83
2 Replies
5. Solaris
I have a Solaris 10 Sparc box that has suddenly stopped allowing users to ssh into the box. I've connected a laptop and can access the box as root using a serial connector. While performing the command svcs -xv, this is my output:
maintenance 13:29:49 svc:/system/basicreg:default... (4 Replies)
Discussion started by: goose25
4 Replies
6. Shell Programming and Scripting
Team,
Presently I have a script, which i have set up cron on one of my Jump-boxes,and gives me the output on every hourly basis,fetching the data from the remote machine.Basically it gives me the list of all active users logged and its count once we execute the script.Here the count is... (6 Replies)
Discussion started by: whizkidash
6 Replies
7. How to Post in the The UNIX and Linux Forums
Hello my dear friends,
Two file are auto generated from mon - fri at different directories on same windows box.Every day i have to copy the file, rename it (specific name)and ftp it to linux box specified directory.
is it possible to automate this process,If yes this has to be done from windows... (1 Reply)
Discussion started by: umesh yadav
1 Replies
8. Solaris
What's the cheapest box to study for the Solaris tests with? The obvious answer is a T1000, but IIRC they have no CD/DVD and have to be jumpstarted. What's cheap that can run Solaris 11 and that doesn't require anything but itself? (5 Replies)
Discussion started by: jnojr
5 Replies
LEARN ABOUT OPENSOLARIS
if.conf
NETSCRIPT-2.2.conf(5) File Formats Manual NETSCRIPT-2.2.conf(5)
NAME
/etc/netscript/network.conf - interface, firewalling, and QoS configuration file.
/etc/netscript/if.conf - interface setup shell script file
/etc/netscript/qos.conf - QoS setup shell script file
/etc/netscript/ipfilter.conf - IP chains filtering shell script file
/etc/netscript/srvfilter.conf - server IP filter shell script file
DESCRIPTION
This manpage is a place holder until something better is written when the netscript itself has stopped changing rapidly.
Please see the README file in the /etc/netscript directory, and READ the configuration files if you need to change them. Apart from net-
work.conf, all of them contain sh (1) shell script functions which are there so that various things can be altered or hooked in at the
right place. Network.conf contains the full network setup details, including special interface setup for the likes of ciped/pppd/wanconfig,
and is fully commented with examples given.
UPGRADE PATH FROM KERNEL 2.2.X
The firewall/IP filtering stuff in ipfilter.conf is the part that changed radically with the move to iptables and a far better way of set-
ting up the IP filtering rules, however the QoS and interface startup/shutdown in if.conf have changed but are backwards compatible with
the old 2.2.x ipchains version of netscript for the interface address configuration settings. You will have to set up the filtering again
to use iptables by directly using the iptables commands.
Also, the kernel 2.2.x version scripts are set up so that iptables is only run on a 2.4.x kernel, otherwise IP forwarding is disabled if
beforehand you set IPFWDING_KERNEL to FILTER_ON in network.conf.
This means that when you upgrade a box to a 2.4.x router kernel, you should then be able to reboot it and log into remotely and upgrade
netscript to the version that will support 2.4.x. In this situation, if you have set old IPFWDING_KERNEL setting to FILTER_ON beforehand
in network.conf, all IP forwarding through the box will also be disabled. This means that you can safely remotely upgrade a firewall.
SEE ALSO
netscript(8), ipchains(8), iproute(8), brcfg(8).
AUTHOR
This manual page was written by Matthew Grant <grantma@anathoth.gen.nz>, for the Debian GNU/Linux system (but may be used by others).
BUGS
The author is lazy. He needs to write btter man pages...
November 23, 2000 NETSCRIPT-2.2.conf(5)