Follow Techotopia on Twitter

On-line Guides
All Guides
eBook Store
iOS / Android
Linux for Beginners
Office Productivity
Linux Installation
Linux Security
Linux Utilities
Linux Virtualization
Linux Kernel
System/Network Admin
Programming
Scripting Languages
Development Tools
Web Development
GUI Toolkits/Desktop
Databases
Mail Systems
openSolaris
Eclipse Documentation
Techotopia.com
Virtuatopia.com
Answertopia.com

How To Guides
Virtualization
General System Admin
Linux Security
Linux Filesystems
Web Servers
Graphics & Desktop
PC Hardware
Windows
Problem Solutions
Privacy Policy

  




 

 

System Administration Guide: IP Services
Previous Next

Packet Filter Hooks

Beginning with the Solaris Express, Developer Edition 2/07 release, packet filter hooks replace the pfil module to enable Solaris IP filter. In previous Solaris releases, configuration of the pfil module was required as an additional step to set up Solaris IP Filter. This extra configuration requirement increased the risk of errors that would cause Solaris IP Filter to work improperly. The insertion of the pfil STREAMS module between IP and the device driver also caused performance degradation. Lastly, the pfil module could not perform packet interception between zones.

The use of packet filter hooks streamlines the procedure to enable Solaris IP Filter. Through these hooks, Solaris IP Filter uses pre-routing (input) and post-routing (output) filter taps to control packet flow into and out of the Solaris system.

Packet filter hooks eliminate the need for the pfil module. Thus the following components that are associated with the module are also removed.

  • pfil driver

  • pfil daemon

  • svc:/network/pfil SMF service

For tasks associated with enabling Solaris IP Filter, see Chapter 26, Solaris IP Filter (Tasks).
Previous Next

 
 
  Published under the terms fo the Public Documentation License Version 1.01. Design by Interspire