SunScreen rules not active

barthalamu asked:
I must be missing something...I am using command line to administer a SunScreen 3.2 firewall on Solaris 9.  When I list the policy rules from within the policy known as 'Initial', it looks like this:

edit> list rule
1 "X11" "*" "*" ALLOW
2 "www" "*" "*" ALLOW
3 "ftp" "*" "*" ALLOW
What I am wondering about is the fact that ssh is NOT listed here, but I can ssh to this box just fine from another machine on its same subnet. Why is this? If it is not listed, shouldn't it get denied?

I have verified that this is the active policy. What's the deal?

Thanks for any help.
yuzh commented:

It looks like you have not defined a "DENY" rule. Put the following in front of your "ALLOW" rules to see what happens:

1. ssh * * DENY

It should block the ssh connections.

Have a look at the SunScreen Adm guide to see if anything in it can help you with SunScreen:

http://docs.sun.com/db/doc/806-4127

Author commented:
Yuzh:

Even this does not work. I don't know why. It seems like all the various processes are running. I have tried rebooting, and that does not help either.

By the way, I shouldn't have to explicitly DENY services, should I? I thought SunScreen worked like most firewalls, in that if you don't specifically ALLOW a service, it gets denied by default. Correct me if I am wrong.

Thanks.

Author commented:

My mistake! Actually, it was working from the beginning. I did not have the correct policy revision (e.g. Initial.33 as opposed to Initial.28) active. Now I do. Thanks for the help.
