12-16-2010
I was able to solve the problem but I don't understand why or how the fix works. Removing the keep state keyword seems to allow the IP fragments through.
Last edited by ilikecows; 12-16-2010 at 04:36 AM..
Reason: spelling/grammar
10 More Discussions You Might Find Interesting
1. UNIX for Advanced & Expert Users
When discussing inodes and data blocks, I know Solaris creates these data blocks with a total size of 8192b, divided into eight 1024b "fragments." It stores data in "contiguous" fragments and solaris doesn't allow a file to use portions of two different fragments. If the file size permits, then the... (4 Replies)
Discussion started by: manderson19
4 Replies
2. HP-UX
how can I create a rule that will allow my machine to FTP to itself, but not allow other machines to FTP to it.. I know this sounds weird but this how they want it so they can test some application functionality that uses ftp. (2 Replies)
Discussion started by: csaunders
2 Replies
3. Solaris
Hello,
| am trying to setup ipfilter on solaris express snv_91 but I don't seem to have the following file available.
/etc/ipf/pfil.ap
Is this an older way of configuring the interface?, I have all the packages installed.
Thanks, (1 Reply)
Discussion started by: Actuator
1 Replies
4. Cybersecurity
Dears,
i am a new user for using ipfilter in solaris 10
and i have some question about this:
by using ipfilter
for example
1- i want specific MAC address able to access hotmail only
2- also i want to make 10MB for this MAC address is a max download per day
3- i am asking about using MAC... (0 Replies)
Discussion started by: coxmanchester
0 Replies
5. Solaris
Hi everybody,
I'm running on Solaris 10 X86 (update 1009).
I would like to make NAT's rule. I explain you.
On Solaris, I configure the principal interface e1000g0 with IP : 192.168.0.33
I created the first logical interface like that :
ifconfig e1000g0 addif 192.168.0.40 netmask... (0 Replies)
Discussion started by: aureliensm
0 Replies
6. Solaris
Howdy
My goal is to block locally the applications on a Solaris 10 server to access specific port on a remote machine. All attempts to access the <remote ip>:<remote port> should be rejected with ICMP port unreachable or with TCP RST.
I tried with the following:
block... (2 Replies)
Discussion started by: ralome
2 Replies
7. Shell Programming and Scripting
I have a .xml file that looks something like this :
<measInfo>
.........
string1
.........
</measInfo>
<measInfo>
......
string2
........
</measInfo>
I want to extract only the 'chunk of file' from '<measInfo>' to '</measInfo>' containing string1 (or a certain string that I... (13 Replies)
Discussion started by: black_fender
13 Replies
8. Programming
among the below socket programming api's, please let me know which are blocking and non-blocking.
socket
accept
bind
listen
write
read
close (2 Replies)
Discussion started by: VSSajjan
2 Replies
9. Solaris
I'm on OmniOS.
I have set a linux zone(lx zone) wich use 10.2.0.0/24 network.
The other network,connected to internet is 192.168.0.0/24
The network interface of 10.2.0.0/24 is bge1
The network interface of 192.168.0.0/24 is bge0
I know is more easy to use the same network but i prefer to... (1 Reply)
Discussion started by: Linusolaradm1
1 Replies
10. Shell Programming and Scripting
Code 1:
#!/bin/sh
for arg1 in "$@"
do
counter=0
for arg2 in "$@"
do
if &&
then
counter=$((counter+1))
continue
fi (8 Replies)
Discussion started by: johnprogrammer
8 Replies
LEARN ABOUT DEBIAN
netscript-compile
NET-COMPILE(8) System Manager's Manual NET-COMPILE(8)
NAME
netscript-compile - netscript ipfilter-defs compile back end.
SYNOPSIS
netcript-compile [ -fhq ] [ -b max-backup-level ]
DESCRIPTION
This manual page documents briefly the netscript-compile command from the netscript router/firewall network configuration package.
This command is the back end to the netscript compile command documented in netscript(8) manpage. See ipfilter-defs(5) for the details on
the definitions files in /etc/netscript/ipfilter-defs.
By default it checks to see if the relevant files in the /etc/netscript/ipfilter-defs directory have been updated by comparing their modi-
fication times to that of /etc/netscript/ipfilter-defs.conf, and if updating is needed, it recompiles and re-creates the file. Up to max-
backup-levels of history are kept of previously compiled /etc/netscript/ipfilter-defs.conf files, with a numeric extention in order of
increasing age.
OPTIONS
-b max-backup-level
Sets the maximum level of backups kept of previously compiled files. This defaults to 2 (see /etc/netscript/netscript-com-
pile.conf), and it is also used by the netscript(8) compile command.
-f Force compile even though compile file is up to date with definitions. The testing depends on the modification times of the defini-
tion file inodes in the file system.
-h
Show a summary of options.
-q Quiet compile. This option suppresses informational progress messages.
FILES
/etc/netscript/ipfilter-defs.conf,
/etc/netscript/ipfilter-defs-compiled.conf,
/etc/netscript/ipfilter-defs directory.
SEE ALSO
ipfilter-defs(5), netscript(8).
AUTHOR
This manual page was written by Matthew Grant <grantma@anathoth.gen.nz>, for the Debian GNU/Linux system (but may be used by others).
BUGS
I wrote this manpage when I was not half asleep...
March 25, 2003 NET-COMPILE(8)