Hi All,
Have a weird problem with ipf on Solaris 10 so thought I'd run it by you all.
Decided to allow my son to have internet access from his PC but want to strictly control what he can go to (as he is young and has special needs which means we need to be extra careful).
My idea was to use my Ultra 2 running Solaris 10 as a router/firewall so I enabled IP forwarding on the solaris box in the normal way. My set up is as follows:
Two Networks 10.0.0.0/8 amd 192.168.1.0/24
ADSL ROUTER Solaris Box Sons PC | | | | -------- | | | | | | hme0 hme2
10.0.0.2 10.0.0.163 192.168.1.1 192.168.1.10Now I thought that this would be dead easy:
- block all input to port 80 on hme2 on the solaris box (192.168.1.1)
- Allow input on port 80 on hme2 for "good" sites to pass through
this is how I thought I could set up ipc.conf to do this:
pass in quick on hme2 proto tcp from 192.168.1.10 to
block in log on hme2 proto tcp from 192.168.1.10 to any port = 80
This works up until a point but the pages take a long time to load. They appear to load a bit then pause and then load a bit more then pause. Watching ipmon and snoop output verifies this.
Here's the kicker! If I turn off the firewall or simply comment out
pass in quick on hme2 proto tcp from 192.168.1.10 to
then the connection runs at full speed!!!! Am I doing something stupid with this rule? I wouldn't expect this to behave in this way.
It's driving me nuts! So any guidance would be gratefull received!
BTW I set up a static route from the ADSL router back to the PC as I wasn't in the mood to start messing with NAT as well on the Solaris router box.