HOWTO: Enabling the Firewall on Solaris 10
I’ve got a Solaris 10 Ferrari laptop that, until now, has been relatively safe (umm, right) attached to Sun’s internal network or my home network. Now I plan on making it more promiscuous by attaching to random wireless networks, so I looked at enabling the software firewall IPFilter (conveniently part of Solaris 10 now). Its straightforward, but I didn’t run across any equally straightforward documentation. Here it is in two steps:
1. IPFilter looks for configuration by default in /etc/ipf. The two big ones are: pfil.ap which is where you define the network interface(s) you want IPF to monitor- this one just monitors ’em all, and ipf.conf (courtesy of Darren Moffatt) which is the list of firewall rules. If you’re running a simple desktop, not server functions, then this ipf.conf should work for you- blocking everything but SSH.
2. Once you’ve got your config files set, starting IPF is as simple as starting a service- gotta love Solaris 10: % svcadm enable ipfilter
You may need to reboot for it to take affect, even though ipfstat, svcs, and ifconfig all checked out okay. YMMV. Afterwards, you may want to verify you’re rules are in affect: nmap -v -sS -O [hostname] and you should be good to go.
