Loading ...
Sorry, an error occurred while loading the content.

Re: Re: Use of Zones for routing

Expand Messages
  • David.Comay@Eng.Sun.COM
    ... Does IP Filter support the ability to firewall based on IP address? If that s the case, then you should be able to configure IP Filter from *within* the
    Message 1 of 7 , Mar 1, 2004
    • 0 Attachment
      > As far as I remember, IPFilter doesn't support virtual network
      > interfaces, which is what zones appear to use. This may have changed
      > with the 4.x versions of IPFilter that Sexpress use.

      Does IP Filter support the ability to firewall based on IP address? If
      that's the case, then you should be able to configure IP Filter from
      *within* the global zone for a particular zone(s).

      What IP Filter definitely won't allow at the moment is filtering the
      traffic that takes place on the loopback "device" which is what's used
      for inter-zone communication. That means that you cannot set up a
      firewall between zones on the same system but you should be able to set
      up firewalls between the outside world and a particular zone by setting
      it up from within the global zone.

      dsc
    Your message has been successfully submitted and would be delivered to recipients shortly.