|
|
Sponsored Content
Operating Systems
Solaris
Solaris 10 8/11 As a firewall
Post 302636739 by DukeNuke2 on Tuesday 8th of May 2012 12:56:53 AM
05-08-2012
|
|
9 More Discussions You Might Find Interesting
1. UNIX for Dummies Questions & Answers
Can anyone suggest me a personal firewall for my Solaris machines
I would like to go for open source not a commercial package
DP (1 Reply)
Discussion started by: DPAI
1 Replies
2. Cybersecurity
Just out of curiosity, I see a lot of people here use Linux IPTables as their firewall.
Anyone here use something else like OpenBSD PF or *BSD IPF, IPFW?
I'm quite fond of OpenBSD and their Packet Filters. I find their syntax much easier to manage and from my personal experience, I find them... (5 Replies)
Discussion started by: tarballed
5 Replies
3. IP Networking
I installed Raptor FW on Solaris 7.0.4. Platform is SUN V210 with at least four ethernet interfaces.
For security, normally, we turned off routing on a Unix box (which by default is ON, right?). But if it is a firewall, i'd think you'd want the SUN to route.
We aren't getting packets delivered... (1 Reply)
Discussion started by: ireeneek
1 Replies
4. Solaris
Hi, I just recently managed to install solaris. And just today I was finally able to get it to go online, by default it wouldn't let me go online. Anyway, I was wondering where one can buy a good UNIX firewall software along the lines of Sygate or MaAffee? Do they even sell firewalls for Unix? ... (1 Reply)
Discussion started by: Lightworker1
1 Replies
5. Programming
I want to develop a firewall for solaris 10. I search a lot for APIs for developing firewall But there is no helping material for it. Please tell me which APIs,Book,Tutorial I should study. Also tell me links which having details how to develop firewall for Solaris. (3 Replies)
Discussion started by: mansoorulhaq
3 Replies
6. Solaris
hi all,
how do i verify if my solaris 8 server have firewall installed on the os?
thanks in advance. (3 Replies)
Discussion started by: itik
3 Replies
7. Solaris
hi guys,
its been a while since my last visit here,
could not keep up the pace on this ever changing industry :)
i'd just doing my home research under vmware to make a solaris-based router-firewall using zones - doing a lot of reading about zones & review solaris zone functionality.
and... (4 Replies)
Discussion started by: stdout
4 Replies
8. SuSE
Is there a command line interface to the firewall? (4 Replies)
Discussion started by: jgt
4 Replies
9. Solaris
hi,
i am an oracle DBA and having problems with the starting of enterprise manager on solaris. one of solution is to check whether firewall is on or off
so i am new bie in solaris so kindly tell me how to check the firewall in solaris 10 and how to stop it and what are effects of such... (2 Replies)
Discussion started by: janakors
2 Replies
LEARN ABOUT FREEBSD
if_gre
GRE(4) BSD Kernel Interfaces Manual GRE(4) NAME
gre -- encapsulating network device SYNOPSIS
To compile the driver into the kernel, place the following line in the kernel configuration file: device gre Alternatively, to load the driver as a module at boot time, place the following line in loader.conf(5): if_gre_load="YES" DESCRIPTION
The gre network interface pseudo device encapsulates datagrams into IP. These encapsulated datagrams are routed to a destination host, where they are decapsulated and further routed to their final destination. The ``tunnel'' appears to the inner datagrams as one hop. gre interfaces are dynamically created and destroyed with the ifconfig(8) create and destroy subcommands. This driver corresponds to RFC 2784. Encapsulated datagrams are prepended an outer datagram and a GRE header. The GRE header specifies the type of the encapsulated datagram and thus allows for tunneling other protocols than IP. GRE mode is also the default tunnel mode on Cisco routers. gre also supports Cisco WCCP protocol, both version 1 and version 2. The gre interfaces support a number of additional parameters to the ifconfig(8): grekey Set the GRE key used for outgoing packets. A value of 0 disables the key option. enable_csum Enables checksum calculation for outgoing packets. enable_seq Enables use of sequence number field in the GRE header for outgoing packets. EXAMPLES
192.168.1.* --- Router A -------tunnel-------- Router B --- 192.168.2.* / / +------ the Internet ------+ Assuming router A has the (external) IP address A and the internal address 192.168.1.1, while router B has external address B and internal address 192.168.2.1, the following commands will configure the tunnel: On router A: ifconfig greN create ifconfig greN inet 192.168.1.1 192.168.2.1 ifconfig greN inet tunnel A B route add -net 192.168.2 -netmask 255.255.255.0 192.168.2.1 On router B: ifconfig greN create ifconfig greN inet 192.168.2.1 192.168.1.1 ifconfig greN inet tunnel B A route add -net 192.168.1 -netmask 255.255.255.0 192.168.1.1 NOTES
The MTU of gre interfaces is set to 1476 by default, to match the value used by Cisco routers. This may not be an optimal value, depending on the link between the two tunnel endpoints. It can be adjusted via ifconfig(8). For correct operation, the gre device needs a route to the decapsulating host that does not run over the tunnel, as this would be a loop. The kernel must be set to forward datagrams by setting the net.inet.ip.forwarding sysctl(8) variable to non-zero. SEE ALSO
gif(4), inet(4), ip(4), me(4), netintro(4), protocols(5), ifconfig(8), sysctl(8) A description of GRE encapsulation can be found in RFC 2784 and RFC 2890. AUTHORS
Andrey V. Elsukov <ae@FreeBSD.org> Heiko W.Rupp <hwr@pilhuhn.de> BUGS
The current implementation uses the key only for outgoing packets. Incoming packets with a different key or without a key will be treated as if they would belong to this interface. The sequence number field also used only for outgoing packets. BSD
November 7, 2014 BSD