System Administration Guide: IP Services
Previous Next

Document Information

Preface

Part I TCP/IP Administration

1.  Solaris TCPIP Protocol Suite (Overview)

2.  Planning an IPv4 Addressing Scheme (Tasks

3.  Planning an IPv6 Addressing Scheme (Overview)

4.  Planning an IPv6 Network (Tasks)

5.  Configuring TCP/IP Network Services and IPv4 Addressing (Tasks)

6.  Administering Network Interfaces (Tasks)

7.  Enabling IPv6 on a Network (Tasks)

8.  Administering a TCP/IP Network (Tasks)

9.  Troubleshooting Network Problems (Tasks)

10.  TCP/IP and IPv4 in Depth (Reference)

11.  IPv6 in Depth (Reference)

Part II DHCP

12.  About Solaris DHCP (Overview)

13.  Planning for DHCP Service (Tasks)

14.  Configuring the DHCP Service (Tasks)

15.  Administering DHCP (Tasks)

16.  Configuring and Administering DHCP Clients

17.  Troubleshooting DHCP (Reference)

18.  DHCP Commands and Files (Reference)

Part III IP Security

19.  IP Security Architecture (Overview)

20.  Configuring IPsec (Tasks)

21.  IP Security Architecture (Reference)

22.  Internet Key Exchange (Overview)

23.  Configuring IKE (Tasks)

24.  Internet Key Exchange (Reference)

25.  Solaris IP Filter (Overview)

What's New in Solaris IP Filter

Introduction to Solaris IP Filter

Solaris IP Filter Packet Processing

Guidelines for Using Solaris IP Filter

Using Solaris IP Filter Configuration Files

Working With Solaris IP Filter Rule Sets

Packet Filter Hooks

IPv6 for Solaris IP Filter

Solaris IP Filter Man Pages

26.  Solaris IP Filter (Tasks)

Part IV Mobile IP

27.  Mobile IP (Overview)

28.  Administering Mobile IP (Tasks)

29.  Mobile IP Files and Commands (Reference)

Part V IPMP

30.  Introducing IPMP (Overview)

31.  Administering IPMP (Tasks)

Part VI IP Quality of Service (IPQoS)

32.  Introducing IPQoS (Overview)

33.  Planning for an IPQoS-Enabled Network (Tasks)

34.  Creating the IPQoS Configuration File (Tasks)

35.  Starting and Maintaining IPQoS (Tasks)

36.  Using Flow Accounting and Statistics Gathering (Tasks)

37.  IPQoS in Detail (Reference)

Glossary

Index

Packet Filter Hooks

Beginning with the Solaris Express, Developer Edition 2/07 release, packet filter hooks replace the pfil module to enable Solaris IP filter. In previous Solaris releases, configuration of the pfil module was required as an additional step to set up Solaris IP Filter. This extra configuration requirement increased the risk of errors that would cause Solaris IP Filter to work improperly. The insertion of the pfil STREAMS module between IP and the device driver also caused performance degradation. Lastly, the pfil module could not perform packet interception between zones.

The use of packet filter hooks streamlines the procedure to enable Solaris IP Filter. Through these hooks, Solaris IP Filter uses pre-routing (input) and post-routing (output) filter taps to control packet flow into and out of the Solaris system.

Packet filter hooks eliminate the need for the pfil module. Thus the following components that are associated with the module are also removed.

  • pfil driver

  • pfil daemon

  • svc:/network/pfil SMF service

For tasks associated with enabling Solaris IP Filter, see Chapter 26, Solaris IP Filter (Tasks).
Previous Next