May 26, 2005 No comments

Building IPF on Solaris 9.

Just some quick notes on building IPF on Solaris 9. Download the latest ipf from the IP Filter home page. Then get the latest pfil from here. You will need a copy of gcc later than 3.3 to build working 64-bit kernel modules.

  1. Unpack both archives.
  2. cd into the pfil directory. Edit the Makefile, uncommenting the S64FLAGS after the “# for GCC” line. It should read S64FLAGS=-m64 -mcmodel=medlow -DDO=pfil${SBITS}. Comment out the previous S64FLAGS line. Save the file.
  3. Build pfil with CC=gcc make package.
  4. Install the resulting package (it is /tmp/pfil.pkg).
  5. cd into the ip_filxxx directory.
  6. Build the ipf binaries with CC=gcc make solaris.
  7. cd into the SunOS5 directory.
  8. Build the ipf packages with CC=gcc make package. This will create a Solaris package and install it.
  9. At this point, if you try to start ipf using the /etc/init.d/ipfboot script you will get an error “can’t load module: No such file or directory. pfil not available to support ipfilter”. You will need to manually push the pfil module onto the interface. For a bge interface the following should work ifconfig bge0 modinsert pfil@2.
  10. You should now be able to create an ipf.conf and start the filters.

[composed and posted with ecto]

You may Leave a comment or Subscribe to Comments RSS or Trackback this entry.

Leave a comment

Please be polite and on topic. Your e-mail will never be published.

Recent Posts

Blogroll