How to Deactivate Packet Filtering (System Administration Guide: IP Services)

System Administration Guide: IP Services

How to Deactivate Packet Filtering

The following procedure deactivates Solaris IP Filter packet filtering by flushing the packet filtering rules from the active filtering rule set. The procedure does not disable Solaris IP Filter. You can reactivate Solaris IP Filter by adding rules to the rule set.

Assume a role that includes the IP Filter Management rights profile, or become superuser.

You can assign the IP Filter Management rights profile to a role that you create. To create the role and assign the role to a user, see Configuring RBAC (Task Map) in System Administration Guide: Security Services.

Use one of the following methods to deactivate Solaris IP Filter rules:
- Remove the active rule set from the kernel.
  # ipf -Fa
  This command deactivates all packet filtering rules.
- Remove incoming packet filtering rules.
  # ipf -Fi
  This command deactivates packet filtering rules for incoming packets.
- Remove outgoing packet filtering rules.
  # ipf -Fo
  This command deactivates packet filtering rules for outgoing packets.