[rescue] IPFILTER woes

Brian Hechinger wonko at arkham.ws
Mon Feb 18 18:16:44 CST 2002


On Mon, Feb 18, 2002 at 06:34:52PM -0500, Greg A. Woods wrote:
> 
> Well since IP-Filter doesn't come native on SunOS-5.8, it would REALLY
> help if you provided all the relevant details, such as what _version_
> you're using, perhaps even what compiler you built it with, what other
> kernel modules/modifications you might have too, and even some hint as
> to what your configuration might look like (if not the entire config,
> provided you're not too worried about it being wrong and thus being
> caught unawares with your pants down!  ;-).

ugh, i'm sorry, i've been completely out of it.  you are of course, quite
right.

ipf: IP Filter: v3.4.23 (400)
Kernel: IP Filter: v3.4.23              
Running: yes
Log Flags: 0 = none set
Default: pass all, Logging: available
Active list: 1

it's the precompiled 64bit package from uhm, wherever that's from. :)  let me
look.  http://www.maraudingpirates.org/ipfilter/  i was going to try and build
my own version, but haven't had a chance yet, it's on my list of things to do.

as far as kernel modules, modifications, it's just a stock Solaris 8 box with
most features turned off.  it's running DiskSuite (mirrored disks) and IPFILTER
and that's it.  well, it runs Apache for inbound ProxyPass work, but the other
firewall didn't have that and still had the same symptoms, so i'd rule out
apache as having anything to do with it.

the config is available upon request.  i will not post it to a public forum. ;)

> So, why don't you go back to the sparc5?!?!?!?!?  It's more than
> powerful enough for any kind of firewall I can imagine -- even for a
> fairly high-speed connection (a sparc5 @ 85MHz with appropriate ethernet
> cards should easily handle a full 10Mbps connection, even with several
> dozen well crafted rules).

i seriously doubt it would solve the problem.  the thing that sets the sparc5
apart from the others, is that it was many versions ago that ran on the sparc5.
the sparc10 ran 3.4.22 so they are closely linked.  the solaris hanging issue
seems to have been going on for several revisions now, even though i don't seem
to be suffering from the same problem.

> Anyway I'd personally stay about as far away from any sparc64 stuff as
> possible, at least for production use....

i'm sorry, that's just a rude comment for rude comment's sake.  i've been
running sparc64+Solaris since they came out.  in production.  and not on my
piddly little home systems either.  from maxed out UE6500 and down.  and they
are more stable than most other hardware.  maybe not the most stable, but i've
had great luck with them.

> > does anyone have any clues at all?
> not until/unless you can give us some clues!  ;-)

well, hopefully what i passed on here should help.  otherwise it's time to
think about putting the FW version of IOS on my 2524.

-brian

-- 
"Oh, shut up Buddha."  -Jesus Christ (South Park)