I'd look for errors in the service's log - cat $(svcs -L /network/ipfilter)

Hi. It seems my ipf is acting up, so I have removed all configs (from GZ and from /zones/etc).

Now /etc/ipf/ipf.conf in GZ contains the following 2 lines:

pass in quick on lo0 all

pass out quick on lo0 all

I have also disabled ipf using: "svcadm disable network/ipfilter"

now svcs doesn't list ipfilter anymore and I have even rebooted the box to make sure it starts with a clean state.

so this is the current state: pastebin.com/raw/M2F9vtCH

enabling ipf doesn't populates the filter list, but manual reload populates it: pastebin.com/raw/ucrMmv4g

now, I assume ipf should read /etc/ipf/ipf.conf automatically, so let me reboot the box to see what happens.

It still doesn't loads the rules from ipf.conf automatically after a reboot: pastebin.com/raw/et9kCTLP

What am I doing wrong here?

maybe check it's setup to use the correct files as per the documentation on omnios.org/info/ipfilter.html

`svccfg -s ipfilter:default listprop | grep file`

but if things are in default state then it sounds like what you have should work

but also try sommerfeld's earlier suggestion:

01:20 < sommerfeld> I'd look for errors in the service's log - cat $(svcs -L /network/ipfilter)

The files are the default, and looks ok to me. The log output doesn't tells me too much: pastebin.com/raw/4zTQnwrW

Maybe: "Set 0 now inactive" ?

I try to reboot again, in this time I won't be available via irc.

I don't get this. Everything seems to be enabled according to the guides, i have rules in the ipf.conf, still the firewall rules doesn't gets loaded after booting the system: pastebin.com/raw/96QUxWhd

sometimes, it ma y happen, the guides are bad. from that log, see into /lib/svc/method/ipfilter - from it you will find the function to upgrade config and hint that you should have firewall_config_default/policy astring custom if you want to use those config files.... :P see also output from "svccfg -s ipfilter:default listprop"