Post 45125 by ireeneek on Monday 15th of December 2003 11:16:31 AM
Raptor Firewall on Solaris 7.0.4

I installed Raptor FW on Solaris 7.0.4. Platform is SUN V210 with at least four Ethernet interfaces.
For security, normally, we turned off routing on a Unix box (which by default is ON, right?). But if it is a firewall, I'd think you'd want the SUN to route.
We aren't getting packets delivered between test PCs on different segments behind SUN's interfaces, although the PCs can ping all of the interfaces, but not past them. We're allowing all protocols, wide open.
I looked in a few /etc files and all indicators show that the OS routing has been turned OFF, and there are "post-installation" comments made by Raptor, indicating Raptor turned off the OS routing.
Does anyone know if Raptor is supposed to turn OFF Solaris's routing feature? And if yes, how is traffic propagated among the different segments?
 

routing(7P)                         Protocols                         routing(7P)

NAME
     routing - system support for packet network routing

DESCRIPTION
     The network facilities provide general packet routing. The routing
     interface described here can be used to maintain the system's IPv4
     routing table. It has been maintained for compatibility with older
     applications. The recommended interface for maintaining the system's
     routing tables is the routing socket, described at route(7P). The
     routing socket can be used to manipulate both the IPv4 and IPv6 routing
     tables of the system. Routing table maintenance may be implemented in
     application processes.

     A simple set of data structures compose a "routing table" used in
     selecting the appropriate network interface when transmitting packets.
     This table contains a single entry for each route to a specific network
     or host. The routing table was designed to support routing for the
     Internet Protocol (IP), but its implementation is protocol independent
     and thus it may serve other protocols as well. User programs may
     manipulate this data base with the aid of two ioctl(2) commands,
     SIOCADDRT and SIOCDELRT. These commands allow the addition and deletion
     of a single routing table entry, respectively. Routing table
     manipulations may only be carried out by a privileged user.

     A routing table entry has the following form, as defined in
     /usr/include/net/route.h:

       struct rtentry {
               uint_t  rt_hash;              /* to speed lookups */
               struct  sockaddr rt_dst;      /* key */
               struct  sockaddr rt_gateway;  /* value */
               short   rt_flags;             /* up/down?, host/net */
               short   rt_refcnt;            /* # held references */
               uint_t  rt_use;               /* raw # packets forwarded */
       /*
        * The kernel does not use this field, and without it the structure is
        * datamodel independent.
        */
       #if !defined(_KERNEL)
               struct  ifnet *rt_ifp;        /* the answer: interface to use */
       #endif /* !defined(_KERNEL) */
       };

     with rt_flags defined from:

       #define RTF_UP       0x1   /* route usable */
       #define RTF_GATEWAY  0x2   /* destination is a gateway */
       #define RTF_HOST     0x4   /* host entry (net otherwise) */

     There are three types of routing table entries: those for a specific
     host, those for all hosts on a specific network, and those for any
     destination not matched by entries of the first two types, called a
     wildcard route.

     Each network interface installs a routing table entry when it is
     initialized. Normally the interface specifies if the route through it
     is a "direct" connection to the destination host or network. If the
     route is direct, the transport layer of a protocol family usually
     requests the packet be sent to the same host specified in the packet.
     Otherwise, the interface may be requested to address the packet to an
     entity different from the eventual recipient; essentially, the packet
     is forwarded.

     Routing table entries installed by a user process may not specify the
     hash, reference count, use, or interface fields; these are filled in by
     the routing routines. If a route is in use when it is deleted, meaning
     its rt_refcnt is non-zero, the resources associated with it will not be
     reclaimed until all references to it are removed.

     User processes read the routing tables through the /dev/ip device.

     The rt_use field contains the number of packets sent along the route.
     This value is used to select among multiple routes to the same
     destination. When multiple routes to the same destination exist, the
     least used route is selected.

     A wildcard routing entry is specified with a zero destination address
     value. Wildcard routes are used only when the system fails to find a
     route to the destination host and network. The combination of wildcard
     routes and routing redirects can provide an economical mechanism for
     routing traffic.

ERRORS
     EEXIST        A request was made to duplicate an existing entry.

     ESRCH         A request was made to delete a non-existent entry.

     ENOBUFS       Insufficient resources were available to install a new
                   route.

     ENOMEM        Insufficient resources were available to install a new
                   route.

     ENETUNREACH   The gateway is not directly reachable. For example, it
                   does not match the destination/subnet on any of the
                   network interfaces.

FILES
     /dev/ip       IP device driver

SEE ALSO
     route(1M), ioctl(2), route(7P)

SunOS 5.10                         9 Nov 1999                         routing(7P)
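
The selection rules in the DESCRIPTION above (host entry first, then network, then wildcard, with the least-used route winning among routes to the same destination) can be traced with a small user-space model, which helps when auditing which next hop a multi-homed firewall host would pick. This is an added example, not Solaris kernel code or part of the manual page; struct model_route, its mask field, the IP() macro and the sample table are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#define RTF_UP      0x1 /* route usable */
#define RTF_GATEWAY 0x2 /* destination is a gateway */
#define RTF_HOST    0x4 /* host entry (net otherwise) */
#define IP(a, b, c, d) (((uint32_t)(a) << 24) | ((b) << 16) | ((c) << 8) | (d))

/* Hypothetical user-space model of one entry; not the kernel's struct rtentry. */
struct model_route {
    uint32_t dst;     /* destination host or network; 0 = wildcard */
    uint32_t mask;    /* assumption: rtentry itself carries no mask field */
    uint32_t gateway; /* next hop; 0 = direct */
    short    flags;
    unsigned use;     /* packets sent along the route, like rt_use */
};

/* Constructed sample table for a multi-homed host. */
struct model_route sample_table[] = {
    { IP(192,168,1,0), IP(255,255,255,0), 0,            RTF_UP,               5 },
    { IP(192,168,1,0), IP(255,255,255,0), IP(10,0,0,2), RTF_UP | RTF_GATEWAY, 2 },
    { IP(192,168,1,9), 0,                 0,            RTF_UP | RTF_HOST,  100 },
    { 0,               0,                 IP(10,0,0,1), RTF_UP | RTF_GATEWAY, 0 },
    { IP(172,16,0,0),  IP(255,255,0,0),   IP(10,0,0,3), RTF_GATEWAY,          0 }, /* not RTF_UP */
};

/* 3 = host match, 2 = network match, 1 = wildcard, 0 = no match or not RTF_UP. */
static int match_rank(const struct model_route *r, uint32_t dst)
{
    if (!(r->flags & RTF_UP)) return 0;
    if (r->flags & RTF_HOST)  return r->dst == dst ? 3 : 0;
    if (r->dst == 0)          return 1;
    return (dst & r->mask) == r->dst ? 2 : 0;
}

/* Returns the index of the chosen route and counts the packet, or -1 if none. */
int route_lookup(struct model_route *tbl, size_t n, uint32_t dst)
{
    int best = -1, best_rank = 0;
    for (size_t i = 0; i < n; i++) {
        int rank = match_rank(&tbl[i], dst);
        /* better type wins; same type and same destination: least used wins */
        if (rank > best_rank || (rank > 0 && rank == best_rank &&
            tbl[i].dst == tbl[best].dst && tbl[i].use < tbl[best].use)) {
            best = (int)i;
            best_rank = rank;
        }
    }
    if (best >= 0) tbl[best].use++;
    return best;
}
```

With the wildcard entry removed or marked down, a destination that matches no host or network entry yields -1, which in this model means the packet has no route at all.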