From 7ddce99911fbb5e44b38ac65e991a22e42267ee9 Mon Sep 17 00:00:00 2001 From: Hans Rosenfeld Date: Fri, 13 Feb 2015 12:46:42 +0100 Subject: 6123 SMF ipfilter support needs improvement Reviewed by: Toomas Soome Reviewed by: Attila Fülöp Reviewed by: Cody Mello Approved by: Dan McDonald MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- usr/src/cmd/ipf/svc/ipfilter | 18 +++-- usr/src/cmd/ipf/svc/ipfilter.xml | 148 ++++++++++++++++++++++++++++++++++++++- 2 files changed, 158 insertions(+), 8 deletions(-) (limited to 'usr/src/cmd/ipf') diff --git a/usr/src/cmd/ipf/svc/ipfilter b/usr/src/cmd/ipf/svc/ipfilter index 6be1eeb7cc..2e6f2189f6 100644 --- a/usr/src/cmd/ipf/svc/ipfilter +++ b/usr/src/cmd/ipf/svc/ipfilter @@ -23,6 +23,8 @@ # Copyright 2009 Sun Microsystems, Inc. All rights reserved. # Use is subject to license terms. # +# Copyright 2016 Hans Rosenfeld +# . /lib/svc/share/smf_include.sh . /lib/svc/share/ipf_include.sh @@ -48,6 +50,7 @@ logmsg() load_ipf() { bad=0 ipf -IFa + ipf -6IFa for file in $IPFILOVRCONF $CONF_FILES $IPFILCONF; do if [ -r ${file} ]; then @@ -60,13 +63,16 @@ load_ipf() { fi done - if [ -r ${IP6FILCONF} ]; then - ipf -6IFa -f ${IP6FILCONF} - if [ $? != 0 ]; then - echo "$0: load of ${IP6FILCONF} into alternate set failed" - bad=1 + for file in $IP6FILOVRCONF $CONF6_FILES $IP6FILCONF; do + if [ -r ${file} ]; then + ipf -6I -f ${file} + if [ $? != 0 ]; then + echo "$0: load of ${file} into alternate set failed" + bad=1 + fi fi - fi + done + if [ $bad -eq 0 ] ; then ipf -s -y return 0 diff --git a/usr/src/cmd/ipf/svc/ipfilter.xml b/usr/src/cmd/ipf/svc/ipfilter.xml index 4729deb085..e4a70405c1 100644 --- a/usr/src/cmd/ipf/svc/ipfilter.xml +++ b/usr/src/cmd/ipf/svc/ipfilter.xml @@ -2,6 +2,7 @@