Hi! I've got a question: I've created a zone on my OmniOS test server called "caddytest". Now I'm trying to set firewall rules from the global zone. I can set the in-zone rules, but not the GZ-controlled rules (I/O error). See notebin.de/?37357f48f35b3435#5UzMzc…tWu3RPhEkmRwtXuaVv7E8gz8jduH8QAXJvv

Any ideas what I'm doing wrong?

Thanks!

All commands have been run from the GZ

Is the `ipfilter` service enabled inside the zone?

(I'm trying to remember if that's relevant or not)

yes, otherwise setting the in-zone rules also fails

I was going to say the same, but for the global zone

Try `ipf -GE <zonename>` first to enable it

I was just reading github.com/omniosorg/pkg5/blob/mast…c/brand/shared/firewall.ksh#L34-L45 to refresh my memory

# ipf -GE caddytest

SIOCFRENB: Unknown error

rules placed in <zonepath>/etc/ipf.conf should be automatically loaded into the GZ-controlled zone firewall by that script

ipf -G -E caddytest works

I can add rules now :-) thank you very much

Great, and if you want to make it automatic on zone boot, you can drop files there.

which zonepath is meant here?

The one that is reported by `zonecfg -z caddytest info zonepath`

have to leave, cu

[illumos-gate] 16589 zfs: avoid kfpu use when panicking -- Andy Fiddaman <illumos⊙fn>

heh.. how many more bugs dare I find in sata.c

what now?

at least LOG SENSE for page 0 has never worked correctly

though I need to dig more, but I suspect most of the other log pages aren't working either

i have a bit of cleanup on lots of repetitive (and slightly confusing) code as well as some of the error handling that makes it cleaner (in anticipation of adding support for additional log pages as well as a few more commands)

basically to make adding those log pages and commands simpler (and hopefully more foolproof)

but in testing those bits, i ran into these bugs :)