Solaris10 - notes

Changing IP address

/etc/hosts
/etc/hostname.bge0
/etc/resolv.conf
/etc/netmasks
/etc/nodename
/etc/defaultrouter
/etc/inet/ipnodes

TFTPd setup

In  /etc/inetd.conf - uncommented the line
TFTPD - tftp server
tftp dgram udp6 wait root /usr/sbin/in.tftpd in.tftpd -s /tftpboot
Run these commands to convert inetd.conf entries into smf service manifests, import them into smf repository and check its taken

root# inetconv
root# svcs | grep tftp
online 16:15:58 svc:/network/tftp/udp6:default

• Enable using inetadm -e svc:/network/tftp/udp6

• Disable with inetadm -d svc:/network/tftp/udp6

Wrap the service to only allow from SWERN address space

Solaris 10 comes with TCP Wrappers included: Enable using:

inetadm -M tcp_wrappers=true
svcadm refresh inetd

Check using

# svcprop -p defaults inetd
defaults/tcp_wrappers boolean true 

Can also set for inetd-based services using

svccfg -s inetd setprop defaults/tcp_wrappers=true
svcadm refresh inetd

 /etc/hosts.allow and /etc/hosts.deny now configures as usual.
 All fine - except this doesn't work for TFTP
Use IPfilters instead

mantoo IP addresses

 e1000g0: flags=1000843<UP,BROADCAST,RUNNING,MULTICAST,IPv4> mtu 1500 index 5
        inet 194.83.94.62 netmask ffffffc0 broadcast 194.83.94.63
        ether 0:14:4f:4a:7:3e
nge0: flags=1000843<UP,BROADCAST,RUNNING,MULTICAST,IPv4> mtu 1500 index 2
        inet 192.168.243.182 netmask fffffc00 broadcast 192.168.243.255
        ether 0:14:4f:4a:7:3c

ifconfig e1000g0 194.83.94.62 netmask 255.255.255.192
ifconfig e1000g0 broadcast 194.83.94.63