SUMMARY: Firewalling under Solaris 9

From: Daniel Baldoni <>
Date: Thu Nov 27 2003 - 21:55:07 EST
G'day folks,

Firstly, here's a snippet from my original question:
>I was under the mistaken belief that iptables could be built/installed under
>Solaris but a look through its (iptables') documentation reveals no mention
>of anything other than Linux.
>So, my question is simply:
>      Are there any "lightweight" (yes, I know it's a bit of a misnomer)
>      firewall solutions for Solaris 9?  I'd really like to avoid SunScreen
>      as the machine this is targeted for will be headless and has a very
>      minimal installation.

As always, the responses were thick and fast - with one "real" answer
arriving while the "Out of Office" replies were still coming in (I had to get
my gripe in).

Anyhow, thanks to all of:
	Andrew Hay, Jim Seymour, John Ballard, Jerry Kemp, Paul Greidanus,
	John Benjamins, Deborah Crocker, Ron Markel, Chris Pinnock, 
	Jose Luis Martinez, Paul Yoshimune, Rik Schneider, Kevin Sindhu,
	Steve Maher, Gertjan Hagenaars, Glenn Harrison, Dave Dunaway,
	Gabriel Rosenkoetter

All of these people pointed to IPFilter (
I have actually used this before (some time back) but the recent work I've
done on SUN boxes in this type of role has always used SunScreen (without
wanting to start a FOSS war, managers still prefer "commercial support").

Several people mentioned that a GUI isn't necessary to manage SunScreen.
I am aware of that - my question was poorly phrased, I wanted to stress
the "lightweight" aspect of other solutions (i.e. iptables, ipfilter - no
I won't confuse them again).

Honourable mentions also go to:
	Rik Kulawiec - TIS FWTK (does anybody still put this into new
	Dave Dennis - Berkeley Packet Filter (not something I would have
		ever considered)
	Jim Winkle, Robert Milkowski, Roy Culley - SunScreen

To sum up (that's what a summary is for, after all <grin>), IPfilter is the
way to go.  And, that's what I grabbed and compiled (by the way, if you're
trying to build this on a "minimalist machine", don't forget to install
SUNWarc, SUNWarcx, SUNWbtoo and SUNWbtoox).

As always thanks everybody.  Ciao.

Daniel Baldoni BAppSc, PGradDipCompSci                 |  Technical Director
require 'std/'                            |  LcdS Pty. Ltd.
-------------------------------------------------------+  856B Canning Hwy
Phone/FAX:  +61-8-9364-8171                            |  Applecross
Mobile:     041-888-9794                               |  WA 6153
URL:                    |  Australia
"Any time there's something so ridiculous that no rational systems programmer
 would even consider trying it, they send for me."; paraphrased from "King Of
 The Murgos" by David Eddings.  (I'm not good, just crazy)
sunmanagers mailing list
Received on Thu Nov 27 21:58:38 2003

This archive was generated by hypermail 2.1.8 : Thu Mar 03 2016 - 06:43:24 EST