System Administration Guide: IP Services

ProcedureHow to Re-Enable Oracle Solaris IP Filter

You can re-enable packet filtering after it has been temporarily disabled.

  1. Assume a role that includes the IP Filter Management rights profile, or become superuser.

    You can assign the IP Filter Management rights profile to a role that you create. To create the role and assign the role to a user, see Configuring RBAC (Task Map) in System Administration Guide: Security Services.

  2. Enable Oracle Solaris IP Filter and activate filtering using one of the following methods:

    • Reboot the machine.

      # reboot

      Note –

      When IP Filter is enabled, after a reboot the following files are loaded if they are present: the /etc/ipf/ipf.conf file, the /etc/ipf/ipf6.conf file when using IPv6, or the /etc/ipf/ipnat.conf.

    • Perform the following series of commands to enable Oracle Solaris IP Filter and activate filtering:

      1. Enable Oracle Solaris IP Filter.

        # ipf -E
      2. Activate packet filtering.

        # ipf -f filename
      3. (Optional) Activate NAT.

        # ipnat -f filename

        Note –

        Network Address Translation (NAT) does not support IPv6.