Re: Solaris 10+ipfilter how-to (revised)

This is a discussion on Re: Solaris 10+ipfilter how-to (revised) within the IPFilter forums, part of the System Security and Security Related category; > >>Darren, what is pfild and how come the public-domain version doesn't >>come with ...


Go Back   Usenet Forums > System Security and Security Related > IPFilter

Reload this Page Re: Solaris 10+ipfilter how-to (revised)

FAQ Members List Calendar Search Today's Posts Mark Forums Read

Reply

 

LinkBack Thread Tools Display Modes
  #1 (permalink)  
Old 09-30-2005
Michael Lim
 
Posts: n/a
Default Re: Solaris 10+ipfilter how-to (revised)

>
>>Darren, what is pfild and how come the public-domain version doesn't
>>come with it?
>
>
> pfild is there because the pfil kernel module cannot access data in the
> same manner as the open source code can. This is due to restrictions on
> what APIs within IP you are allowed to officially use within Solaris
> products. Open source software can just use whatever the hell it wants
> in order to function :)
>
> Darren

Darren's being polite.

Basically Solaris doesn't officially provide APIs required by packet
filters. Fortunately, enough is known about Solaris internals that
he's been able to figure out how to work around this problem.

Sunscreen (Sun's old packet filter) and Checkpoint FW-1 have exactly
the same problem.

-Mike

Reply With Quote
Reply

« Previous Thread | Next Thread »

Thread Tools
Display Modes
Linear Mode Linear Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
vB code is On
Smilies are Off
[IMG] code is Off
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On



All times are GMT +1. The time now is 08:38 PM.

Contact Us - Usenet Forums - Archive - Top

Powered by vBulletin® Version 3.6.8
Copyright ©2000 - 2008, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO 3.0.0