{"id":1471,"date":"2022-06-14T12:23:03","date_gmt":"2022-06-14T12:23:03","guid":{"rendered":"\/blog\/?p=1471"},"modified":"2022-06-14T12:23:04","modified_gmt":"2022-06-14T12:23:04","slug":"solaris-11-pf-firewall","status":"publish","type":"post","link":"\/blog\/index.php\/solaris-11-pf-firewall\/","title":{"rendered":"Solaris 11 PF firewall"},"content":{"rendered":"\n<p>The configuration file is kept in \/etc\/firewall\/pf.conf<br><br><\/p>\n\n\n\n<p><code>search sylvamo.com<br>nameserver 10.177.0.13<br>nameserver 10.176.0.4<\/code><\/p>\n\n\n\n<p><code>ipadm create-ip vnic28<br>ipadm create-addr -T static -a local=10.181.20.87\/24 vnic28\/v4<br>route -p add default 10.181.20.1<\/code><\/p>\n\n\n\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\"><p><code>> \/etc\/firewall\/pf.conf<br>vi \/etc\/firewall\/pf.conf<br>svcadm enable firewall<br>svcs -x firewall<\/code><\/p><\/blockquote>\n\n\n\n<p><code>block out all<br>block in all<br>pass in from 10.177.0.0\/24 #----vdi<br>pass in from\u00a0 10.181.20.0\/24\u00a0 #----- local colo<br>pass out to 10.181.20.0\/24 #----- local colo<br>#----- all below are AD DC<br>pass out to 10.177.0.13<br>pass out to 10.140.164.157<br>pass out to 10.177.0.13<br>pass out to 10.176.0.5<br>pass out to 10.179.0.12<br>pass out to 10.140.168.137<br>pass out to 10.179.0.11<br>pass out to 10.140.12.73<br>pass out to 10.178.0.5<br>pass out to 10.177.0.14<br>pass out to 10.178.0.4<br>pass out to 10.21.34.11<br>pass out to 10.21.155.11<br>pass out to 10.20.90.10<br>pass out to 10.21.155.10<br>pass out to 10.176.0.4<br>pass out to 10.140.64.39<br>pass out to 10.140.76.71<br>pass out to 10.21.34.10<\/code><\/p>\n","protected":false},"excerpt":{"rendered":"<p>The configuration file is kept in \/etc\/firewall\/pf.conf search sylvamo.comnameserver 10.177.0.13nameserver 10.176.0.4 ipadm create-ip vnic28ipadm create-addr -T static -a local=10.181.20.87\/24 vnic28\/v4route -p add default 10.181.20.1 > \/etc\/firewall\/pf.confvi \/etc\/firewall\/pf.confsvcadm enable firewallsvcs -x firewall block out allblock in allpass in from 10.177.0.0\/24 #&#8212;-vdipass in from\u00a0 10.181.20.0\/24\u00a0 #&#8212;&#8211; local colopass out to 10.181.20.0\/24 #&#8212;&#8211; local colo#&#8212;&#8211; all below are [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-1471","post","type-post","status-publish","format-standard","hentry","category-uncategorized"],"_links":{"self":[{"href":"\/blog\/index.php\/wp-json\/wp\/v2\/posts\/1471","targetHints":{"allow":["GET"]}}],"collection":[{"href":"\/blog\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"\/blog\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"\/blog\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"\/blog\/index.php\/wp-json\/wp\/v2\/comments?post=1471"}],"version-history":[{"count":1,"href":"\/blog\/index.php\/wp-json\/wp\/v2\/posts\/1471\/revisions"}],"predecessor-version":[{"id":1472,"href":"\/blog\/index.php\/wp-json\/wp\/v2\/posts\/1471\/revisions\/1472"}],"wp:attachment":[{"href":"\/blog\/index.php\/wp-json\/wp\/v2\/media?parent=1471"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"\/blog\/index.php\/wp-json\/wp\/v2\/categories?post=1471"},{"taxonomy":"post_tag","embeddable":true,"href":"\/blog\/index.php\/wp-json\/wp\/v2\/tags?post=1471"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}