My original question was:
We just discovered that our spanking new Gauntlet firewall will not block
ICMP packets that originate from the firewall computer. We have a security
requirement to do so, so we may end up going with a different firewall.
Until we do, or if for some reason we must continue to use Gauntlet, is it
possible to disable the ICMP protocol inside Solaris 2.6? Thanks for any
help and I will summarize.
***************************************************************************
Thanks for all the replies. Although I didn't get any definitive responses
I'm satisfied that the answer is no, not without disabling the entire TCP/IP
stack.
Here is a suggestion from Hellmerichs-Friedrich Jens [hellmjns@kat.ina.de]
that I plan to investigate:
try to use IP-Filter, it works for Solaris. I tried it last with Solaris
2.5.1, but i think it works with 2.6 also.
Check out http://coombs.anu.edu.au/~avalon/
You may also want to check out my Firewall Configuration Tool to use it,
have a look at http://friedrich-net.de
Jonathan Anspach
Senior Software Engineer
Jaycor
This archive was generated by hypermail 2.1.2 : Fri Sep 28 2001 - 23:13:26 CDT