summary "Building a firewall gateway using Solaris 2.4 forx86."

From: Chiaki Ishikawa (
Date: Wed Jun 21 1995 - 08:35:44 CDT

(This is a brief summary of the answers to my question I posted to
firewall mailing list and comp.sys.sun.* newsgroups. Unfortunately, I
forgot to ask the question to the probably most relevant newsgroup
namely, comp.unix.solaris! So I am sending this to who
have helped me write this brief summary as well as posting this to the
comp.unix.solaris newsgroup to obtain more info if possible.)

SUBJECT: Sumary to my question "Building a firewall gateway using Solaris 2.4 for x86."

My original question:

        Has anyone built a two-homed (two network interfaces) host for
        firewall/gateway application using Solaris 2.4 for x86 on
        Intel CPU hardware?

        How easy is it to compile
        TIS Firewall Toolkit,
        CERN httpd,
        WU-FTP, and other tools?

        Performance issues?

The summary of responses I got is as follows.

Yes: Some people have built a firewall using Solaris 2.4 for x86.
     It worked great.

TIS Firewall toolkit:
        Someone answered it compiled fine on Solaris 2.4 for x86 with

CERN httpd: ? My guess is it will compile fine.

wu-ftp: ? My guess is it will compile fine.

chrootuid: ? My guess is it will compile fine.

        Someone mentioned that since Solaris 2.4 for X86 uses the same
        source code tree for Sparc, these should compile just fine.
        (I compiled these on Solaris 2.4 on Sparcstation 5 and it went
        without hitches. TIS Firewall toolkit requires sol2 patch.)

Commercial Package:
        I have also learned that FIREWALL-1 commercial package is available
        for Solaris 2.4 for x86 platform.

        contact: info@CheckPoint.COM

General Recomendation:

        Larger the memory, the better.
        SCSI interface is better for Solaris (UNIX in general.)

        I am advised that it is very important to stick to hardware
        listed in Sun's hardware compatibility list. This list is available
        from many sources including sending a mail To:
        It is a good idea to choose a hardware item that was approved
        six months ago than the one that was approved last week.
        This way you can avoid subtle compatibility problems.

        (I am not sure if the horror compatibility stories I read in
        PC-related newsgroups are not experienced by Solaris x86 users
        regarding IRQ/DMA/IO port assignment and such.)

[Any addtional tips are welcome. Please e-mail me. I will summarize in

     Chiaki Ishikawa             
    Personal Media Corp.                  
  Shinagawa, Tokyo, Japan 141

|It's reported that Canter & Siegel search for and archive all articles |that contain their names or "Green Card". This .sig is to help them.

This archive was generated by hypermail 2.1.2 : Fri Sep 28 2001 - 23:10:27 CDT