You can re-enable packet filtering after it has been temporarily disabled.
Assume a role that includes the IP Filter Management rights profile, or become superuser.
You can assign the IP Filter Management rights profile to a role that you create. To create the role and assign the role to a user, see Configuring RBAC (Task Map) in System Administration Guide: Security Services.
Enable Solaris IP Filter and activate filtering using one of the following methods:
Reboot the machine.
# reboot |
When IP Filter is enabled, after a reboot the following files are loaded if they are present: the /etc/ipf/ipf.conf file, the /etc/ipf/ipf6.conf file when using IPv6, or the /etc/ipf/ipnat.conf.
Perform the following series of commands to enable Solaris IP Filter and activate filtering:
Enable Solaris IP Filter.
# ipf -E |
Activate packet filtering.
# ipf -f filename |
(Optional) Activate NAT.
# ipnat -f filename |
Network Address Translation (NAT) does not support IPv6.