Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Solaris 10 8/11 As a firewall
Operating Systems Solaris Solaris 10 8/11 As a firewall Post 302636703 by jlouki01 on Tuesday 8th of May 2012 12:09:56 AM
Old 05-08-2012
Solaris 10 8/11 As a firewall
I have a Sunfire V120 that I have Solaris 10 8/11 installed on.

The two interfaces are eri0 and eri1.

Eri0 is my internal 192.168.0.1
Eri1 is my external 66.160.210.209
Router ip 66.160.210.209

I have enabled routing with routeadm and I have Solaris Native DHCP installed and configured.

I am using FireWall Builder to create my rules I've tried creating an ANY ANY rule but still not luck getting traffic to pass.

Anyone know of some hints or a place to find a reliable doc?

Also tried just creating a router but no luck there either.

I feel like I'm missing something obvious here..
 

9 More Discussions You Might Find Interesting

1. UNIX for Dummies Questions & Answers

Solaris Firewall

Can anyone suggest me a personal firewall for my Solaris machines I would like to go for open source not a commercial package DP (1 Reply)
Discussion started by: DPAI
1 Replies

2. Cybersecurity

What Firewall do you use?

Just out of curiosity, I see a lot of people here use Linux IPTables as their firewall. Anyone here use something else like OpenBSD PF or *BSD IPF, IPFW? I'm quite fond of OpenBSD and their Packet Filters. I find their syntax much easier to manage and from my personal experience, I find them... (5 Replies)
Discussion started by: tarballed
5 Replies

3. IP Networking

Raptor Firewall on Solaris 7.0.4

I installed Raptor FW on Solaris 7.0.4. Platform is SUN V210 with at least four ethernet interfaces. For security, normally, we turned off routing on a Unix box (which by default is ON, right?). But if it is a firewall, i'd think you'd want the SUN to route. We aren't getting packets delivered... (1 Reply)
Discussion started by: ireeneek
1 Replies

4. Solaris

Solaris firewall?

Hi, I just recently managed to install solaris. And just today I was finally able to get it to go online, by default it wouldn't let me go online. Anyway, I was wondering where one can buy a good UNIX firewall software along the lines of Sygate or MaAffee? Do they even sell firewalls for Unix? ... (1 Reply)
Discussion started by: Lightworker1
1 Replies

5. Programming

Firewall development for Solaris

I want to develop a firewall for solaris 10. I search a lot for APIs for developing firewall But there is no helping material for it. Please tell me which APIs,Book,Tutorial I should study. Also tell me links which having details how to develop firewall for Solaris. (3 Replies)
Discussion started by: mansoorulhaq
3 Replies

6. Solaris

solaris 8 firewall

hi all, how do i verify if my solaris 8 server have firewall installed on the os? thanks in advance. (3 Replies)
Discussion started by: itik
3 Replies

7. Solaris

building solaris-based enterprise router-firewall project

hi guys, its been a while since my last visit here, could not keep up the pace on this ever changing industry :) i'd just doing my home research under vmware to make a solaris-based router-firewall using zones - doing a lot of reading about zones & review solaris zone functionality. and... (4 Replies)
Discussion started by: stdout
4 Replies

8. SuSE

Firewall

Is there a command line interface to the firewall? (4 Replies)
Discussion started by: jgt
4 Replies

9. Solaris

how to turn on or off FIREWALL in solaris 10

hi, i am an oracle DBA and having problems with the starting of enterprise manager on solaris. one of solution is to check whether firewall is on or off so i am new bie in solaris so kindly tell me how to check the firewall in solaris 10 and how to stop it and what are effects of such... (2 Replies)
Discussion started by: janakors
2 Replies

LEARN ABOUT SUNOS

rdisc

in.rdisc(1M)						  System Administration Commands					      in.rdisc(1M)

NAME

       in.rdisc, rdisc - network router discovery daemon

SYNOPSIS

       /usr/sbin/in.rdisc [-a] [-f] [-s] [send-address] [receive-address]

       /usr/sbin/in.rdisc -r [-p preference] [-T interval] [send-address] [receive-address]

DESCRIPTION

       in.rdisc remains part of the software distribution of the Solaris Operating Environment. It is, however, not used by default. in.routed(1M)
       includes the functionality provided by in.rdisc. See routeadm(1M) for details of how to specify the IPV4 routing daemon.

       in.rdisc implements the ICMP router discovery protocol. The first form of the command is used on hosts and  the	second	form  is  used	on
       routers.

       in.rdisc can be invoked in either the first form (host mode) or second form (router mode).

       On a host, in.rdisc populates the network routing tables with default routes. On a router, advertises the router to all the hosts.

   Host (First Form)
       On  a  host,  in.rdisc listens on the ALL_HOSTS (224.0.0.1) multicast address for ROUTER_ADVERTISE messages from routers. The received mes-
       sages are handled by first ignoring those listed router addresses with which the host  does  not  share	a  network.  Among  the  remaining
       addresses,  the ones with the highest preference are selected as default routers and a default route is entered in the kernel routing table
       for each one of them.

       Optionally, in.rdisc can avoid waiting for routers to announce themselves  by  sending  out  a  few  ROUTER_SOLICITATION  messages  to  the
       ALL_ROUTERS (224.0.0.2) multicast address when it is started.

       A  timer  is associated with each router address. The address will no longer be considered for inclusion in the routing tables if the timer
       expires before a new advertise message is received from the router. The address will also  be  excluded	from  consideration  if  the  host
       receives an advertise message with the preference being maximally negative or with a lifetime of zero.

   Router (Second Form)
       When in.rdisc is started on a router, it uses the SIOCGIFCONF ioctl(2) to find the interfaces configured into the system and it starts lis-
       tening on the ALL_ROUTERS multicast address on all the interfaces that support multicast. It sends out advertise messages to the  ALL_HOSTS
       multicast  address  advertising	all  its IP addresses. A few initial advertise messages are sent out during the first 30 seconds and after
       that it will transmit advertise messages approximately every 600 seconds.

       When in.rdisc receives a solicitation message, it sends an advertise message to the host that sent the solicitation message.

       When in.rdisc is terminated by a signal, it sends out an advertise message with the preference being maximally negative.

OPTIONS

       -a	       Accept all routers independent of the preference they have in their advertise messages.	Normally,  in.rdisc  only  accepts
		       (and enters in the kernel routing tables) the router or routers with the highest preference.

       -f	       Run in.rdisc forever even if no routers are found. Normally, in.rdisc gives up if it has not received any advertise message
		       after soliciting three times, in which case it exits with a non-zero exit code. If -f is not specified in  the  first  form
		       then -s must be specified.

       -r	       Act as a router, rather than a host.

       -s	       Send three solicitation messages initially to quickly discover the routers when the system is booted. When -s is specified,
		       in.rdisc exits with a non-zero exit code if it can not find any routers. This can be overridden with the -f option.

       -p preference   Set the preference transmitted in the solicitation messages. The default is zero.

       -T interval     Set the interval between transmitting the advertise messages. The default time is 600 seconds.

ATTRIBUTES

       See attributes(5) for descriptions of the following attributes:

       +-----------------------------+-----------------------------+
       |      ATTRIBUTE TYPE	     |	    ATTRIBUTE VALUE	   |
       +-----------------------------+-----------------------------+
       |Availability		     |SUNWroute 		   |
       +-----------------------------+-----------------------------+

SEE ALSO

       in.routed(1M), routeadm(1M), ioctl(2), gateways(4), attributes(5), icmp(7P), inet(7P)

       Deering, S.E., editor, ICMP Router Discovery Messages, RFC 1256, Network Information Center, SRI  International,  Menlo	Park,  California,
       September 1991.

SunOS 5.10							    5 Nov 2004							      in.rdisc(1M)
All times are GMT -4. The time now is 11:30 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy