fwall_5.tar
# make
/usr/local/bin/gcc -g -D_KERNEL -c -m64 fwall.c
/usr/ucb/ld -dn -r fwall.o -o fwall
/usr/local/bin/gcc -g -lnsl fwalladm.c -o fwalladm
# make install
/bin/cp fwall /kernel/strmod/sparcv9/fwall
/bin/cp fwalladm /usr/local/bin/fwalladm
/bin/cp fwallcntl /usr/local/bin/fwallcntl
# /usr/local/bin/fwallcntl start
insert rule <rule number> <protocol> <src port> <dest port> <src address> <destion address> <action>
add rule <protocol> <src port> <dest port> <src address> <dest address> <action>
delete rule <rule number>
list rule
add interface <interface>
delete interface <interface>
list interface
# /usr/local/bin/fwalladm
>
# /usr/local/bin/fwalladm
> add rule TCP * 80 * * ALLOW
> add rule TCP 80 * * * ALLOW
> add rule UDP * * 10.0.0.1 10.0.0.2 ALLOW
> add rule * * * * * DENY
# /usr/local/bin/fwalladm
> list rule
Rule 0: *(*) -> *(80) TCP ALLOW
Rule 1: *(80) -> *(*) TCP ALLOW
Rule 2: 10.0.0.1(*) -> 10.0.0.2(*) TCP ALLOW
Rule 3: *(*) -> *(*) * DENY
# /usr/local/bin/fwalladm
insert rule 2 TCP 25 * * * DENY
> list rule
Rule 0: *(*) -> *(80) TCP ALLOW
Rule 1: *(80) -> *(*) TCP ALLOW
Rule 2: *(25) -> *(*) TCP DENY
Rule 3: 10.0.0.1(*) -> 10.0.0.2(*) TCP ALLOW
Rule 4: *(*) -> *(*) * DENY
# /usr/local/bin/fwalladm
> delete rule 3
> list rule
Rule 0: *(*) -> *(80) TCP ALLOW
Rule 1: *(80) -> *(*) TCP ALLOW
Rule 2: *(25) -> *(*) TCP DENY
Rule 3: *(*) -> *(*) * ALLOW
# /usr/local/bin/fwalladm
> add interface hme0
> list interface
hme
le
> delete interface hme0
> list interface
le
# /usr/local/bin/fwallcntl stop
# make uninstall
/usr/local/bin/fwallcntl stop
fwall module removed from all interface
fwall module successfully unloaded
/bin/rm /kernel/strmod/sparcv9/fwall
/bin/rm /usr/local/bin/fwalladm
/bin/rm /usr/local/bin/fwallcntl
# make -f Makefile32
# make -f Makefile32 install
# make -f Makefile32 uninstall