Iptables in Solaris
Hello!
I wanted to check that like in Linux, is there any command like iptables, or any other adjacent command, performing the same function as of implementing a security firewall....??
You only have ipfilter, aka ipf wich is the default FreeBSD network filter.
You also have SunScreen from solaris, but I didn't like it.
Go for ipfilter, it's different from iptables, but similar and quite nice.
Similar Messages
-
Iptables in Solaris, like in Linux
Hello!
I wanted to check that like in Linux, is there any command like iptables, or any other adjacent command, performing the same function as of implementing a security firewall....??You only have ipfilter, aka ipf wich is the default FreeBSD network filter.
You also have SunScreen from solaris, but I didn't like it.
Go for ipfilter, it's different from iptables, but similar and quite nice. -
About Inbuilt Firewall in SOlaris 10
Hi
As I want to know that is there any firewall available inbuilt with Solaris 10 like IPTABLES in Linux.
Also as I have heared about Sun Screen Firewall was available upto Sun Solaris 8. Why it was stopped after Solaris 9 & 10.
Can you give me more details on same.
Thanks
RajanThe built-in firewall in solaris is called ipfilter.
It is much like iptables with a slightly different syntax but it is just as easy to use.
To start using it all you need to do is edit two files and give two commands (with fingers crossed).
You can find extensive instructions elsewhere but here is a quick overview.
Edit /etc/ipf/pfil.ap and de-comment the appropriate device name (use ifconfig -a to figure out what it is).
Edit /etc/ipf/ipf.conf to your liking. Check online documentation for the syntax. Becareful since it reads from top to bottom and other things that iptables does differently.
Here is a quick example of one of my machines*(careful this is an output from 'ipfstat -io' and not what you would necessarily want.
#this machine talking with others
pass out quick on bge0 proto tcp from xxx.xxx.xxx.xxx/32 to any keep state
pass out quick on bge0 proto udp from xxx.xxx.xxx.xxx/32 to any keep state
pass out quick on bge0 proto icmp from xxx.xxx.xxx.xxx/32 to any keep state
#open up trusted local networks
pass in quick on bge0 from xxx.xxx.xxx.0/24 to any
#outside world
pass in quick on bge0 proto tcp from any to any port = ssh
pass in quick on bge0 proto tcp from any to any port = 80
block in on bge0 all
Those last two passins are wide open but I use sshblack to monitor those ports. You can easily modify that for ipfilter from iptables.
http://www.pettingers.org/code/sshblack.html
After you are all set do
svcadm enable pfil
svcadm enable ipfilter
There are a pile of things that may cause either pfil or ipfilter to fail (svcs -vx to check) but you can google the answers or search these forums for how to fix them. -
Hi,
I am new to Solaris and am trying to set up a simple port forwarding from port 80 to 8080.
I know how to do this in Linux:
iptables -t nat -I PREROUTING -p tcp dport 80 -j REDIRECT to-port 8080
but cannot find a way to do this in Solaris. I have installed SunScreen, but am not sure whether this is the right thing to use.
This is a simple server in a hosting centre.
Can anyone help?In solaris you can do port forwarding with ssh . You have to install SSH from soalris 2 of 2 CD .
see man pages of ssh
Regards -
Iptables -m option(s) missing [SOLVED]
Hi there, trying to block an outgoing connection by command-name but the following happens:
$ sudo iptables -A OUTPUT -m owner --cmd-owner myapp -j DROP yields
iptables v1.4.21: unknown option "--cmd-owner"
ls -l /usr/lib/modules/`uname -r`/kernel/net/netfilter |grep owner
-rw-r--r-- 1 root root 1411 Apr 8 14:11 xt_owner.ko.gz
So hmm, does that mean in our current vanilla kernel (3.19.3-3 is it?) we have some net options not set?
i.e. would I need to compile the kernel for this Or is it just a command which has disappeared into oblivion over the years?
edit: yes, the module is also loaded.
PPS. Ok, it does indeed seem to be an ancient command, that particular option.
So the question is rather.. does iptables have an equivalent matching pattern aginst a command_name?
I use/am learning nft more on some other systems but for the one in mind, uses iptables.
Well, not sure if there is a command specific solution in the venerable iptables but I solved it by using a group and be done with it.
Last edited by solar (2015-04-21 11:29:41)hi brebs.. ye, I did as a means to an end , blocked a group, and can add/script things as needed via that group. Good enough.
-
Configure TNSNAMES for SOLARIS & LINUX
How can i configure the TNSNAMES file on the server that has Solaris as its Operating System(OS) and another server that has LINUX as its Operating System(OS).
I tried to configure the TNSNAMES on LINUX server and connected it but it gives an error.
The following is how i have defined in my TNSNAMES file on the client machine:
TZR =
(DESCRIPTION =
(ADDRESS_LIST =
(ADDRESS = (PROTOCOL = TCP)(HOST = 192.168.1.2)(PORT = 1521))
(CONNECT_DATA =
(SERVICE_NAME = tzr)
VIS =
(DESCRIPTION =
(ADDRESS_LIST =
(ADDRESS = (PROTOCOL = TCP)(HOST = 192.168.1.67)(PORT = 1521))
(CONNECT_DATA =
(SERVICE_NAME = VIS)
For SID TZR the toad and workflow is getting connected but for VIS it is giving me the following error:
ORA-12537: TNS: connection closed.
NOTE: TZR server has OS Windows 2003 server installed while VIS server has LINUX as its OS
Please can any one help me how to connect to the database?
Thanking you in advance,
Chetan12537, 00000, "TNS:connection closed"
// *Cause: "End of file" condition has been reached; partner has disconnected.
// *Action: None needed; this is an information message.
There must be additional messages that point to why the connection was closed. This message (as you can see from the above description) is pretty meaningless ito why the disconnect happen.
Wild shot in the dark:
I have seen this however with an incorrectly configured firewall. On iptables one would typically create a rule as follows:
# Allow Oracle Listener connections
iptables -A INPUT -p tcp --dport 1521 -i eth0 -j ACCEPT
However, it alone does not suffice as you need to add:
# Stateful Packet Inspection to allow established connections through
iptables -A INPUT -i eth0 -m state --state ESTABLISHED,RELATED -j ACCEPT -
Logical interface in solaris 10
Hi there,
I need to configure logical interface in a solaris 10 3/05 server. After reading the Solaris 10 IP services manual, I am not quite sure what to do. All the examples and explanation are about using the new subcommand addif of ifconfig. It was not clear in the documentation if the setting logical interfaces via addif will persist across boot.
Can one still configure logical interface in Solaris 10 in a more traditional way like in Solaris 8? In an Solaris 8 server I will do the following.
Let's assume I want to configure in a solaris 8 server a logical interface named hme0:1 with IP address 192.168.20.28 with netmask 255.255.255.0 for hostname host001
# cat /etc/hostname.hme0:1
host001
^D
# echo "192.168.20.28 host001" >> /etc/inet/hosts
# echo "192.168.20.0 255.255.255.0" >> /etc/inet/netmasks
# reboot -- -r
Can one still do that in solaris 10 3/05 server?Hi there,
I need to configure logical interface in a solaris 10
3/05 server. After reading the Solaris 10 IP services
manual, I am not quite sure what to do. All the
examples and explanation are about using the new
subcommand addif of ifconfig. It was not clear in the
documentation if the setting logical interfaces via
addif will persist across boot.No. No 'ifconfig' command is persistent.
Can one still configure logical interface in Solaris
10 in a more traditional way like in Solaris 8? In an
Solaris 8 server I will do the following.
Let's assume I want to configure in a solaris 8
server a logical interface named hme0:1 with IP
address 192.168.20.28 with netmask 255.255.255.0 for
hostname host001
# cat /etc/hostname.hme0:1
host001
^D
# echo "192.168.20.28 host001" >> /etc/inet/hosts
# echo "192.168.20.0 255.255.255.0" >>
/etc/inet/netmasks
# reboot -- -r
Can one still do that in solaris 10 3/05 server?Absolutely.
You don't need to reboot (you can run ifconfig for this boot and let the files do the work next time) and the -r doesn't do anything with interfaces (expecially virtual interfaces) anyway.
Darren -
Installation problem on Solaris
I am trying to install sun one 7.0 on Solaris 8. The install is failing with this error:
ERROR - library load failed with following error: Can't load library: /opt/SUNWappserver7/lib/libinstallCore.so
INFO - End core server uninstallation
anyone know what causes this??
cheersLooks like Solaris package installation failed and installer reverted to uninstallation sequence. For low level pkgadd log please check /var/sadm/install/logs/Sun_ONE_Application_Server_install.B<timestamp> file (timestamp is date and time of your installation attempt in mmddHHMM format).
Look for any errors in this file. Most likely thing that could have happened is that the installation of Java Help (SUNWjhrt) package failed because you didn't have existing package based J2SE installation on the system. If that's the case, workaround is to either preinstall package based J2SE installation or to selected option to install bundled J2SE that comes with application server. -
Installation problem on Solaris 10
Dear All,
We are trying to install j2sdk 1.4.2_13 on solaris server zone. I have downloaded j2sdk-1_4_2_13-nb-5_0-solsparc-ml.bin
But when I try to execute this:
#./j2sdk-1_4_2_13-nb-5_0-solsparc-ml.bin
It gives me error: The installer is unable to run in graphical mode. Try running the installer with the -console or -silent flag
Tried with -console:
The wizard cannot continue because of the following error: Invalid command line option: console is not supported (10
01) (403)
WARNING: could not delete temporary file /tmp/ismp001/2599368
WARNING: could not delete temporary file /tmp/ismp001/6183226
WARNING: could not delete temporary file /tmp/ismp001/1222839
Then tried with -silent:
This time command just completed w/o any output at all.
Please suggest what can I do?
regards, Sean.Dear Siddhesh,
Thanks for your reply.
I tried using X Manager GUI for my Solaris. But when I double click the j2sdk-1_4_2_13-nb-5_0-solsparc-ml.bin file to run it, it simply denies saying:
The filename "j2sdk-1_4_2_13-nb-5_0-solsparc-ml.bin" indicates that this file is of type "Unknown type". The contents of the file indicate that the file is of type "Shell script". If you open this file, the file might present a security risk to your system.
Do not open the file unless you created the file yourself, or received the file from a trusted source. To open the file, rename the file to the correct extension for "Shell script", then open the file normally. Alternatively, use the Open With menu to choose a specific application for the file.
Also /tmp has full authorizations:
drwxrwxrwt 7 root sys 557 Jun 24 08:34 tmp
I dont have Hummingbird for X11 forwarding with this client. Do I have any other option??
regards, Sean. -
New to Solaris, Some Samba and NTFS issues.
Hi Im new to solaris and trying out ZFS which has been great.
Im haivng some trouble that I cant find up to date info on so here goes:
First how do you mount an NTFS volume in Solaris 11 Express?
I need to access the data on an NTFS drive to populate my new ZFS tank.
Secondly, I have read only access on my samba shares from windows machines but my smb.conf looks right. a copy of my smb.conf will follow
Any suggestions would be appreciated.
# This is the main Samba configuration file. You should read the
# smb.conf(5) manual page in order to understand the options listed
# here. Samba has a huge number of configurable options (perhaps too
# many!) most of which are not shown in this example
# For a step to step guide on installing, configuring and using samba,
# read the Samba-HOWTO-Collection. This may be obtained from:
# http://www.samba.org/samba/docs/Samba-HOWTO-Collection.pdf
# Many working examples of smb.conf files can be found in the
# Samba-Guide which is generated daily and can be downloaded from:
# http://www.samba.org/samba/docs/Samba-Guide.pdf
# Any line which starts with a ; (semi-colon) or a # (hash)
# is a comment and is ignored. In this example we will use a #
# for commentry and a ; for parts of the config file that you
# may wish to enable
# NOTE: Whenever you modify this file you should run the command "testparm"
# to check that you have not made any basic syntactic errors.
#======================= Global Settings =====================================
[global]
# workgroup = NT-Domain-Name or Workgroup-Name, eg: MIDEARTH
workgroup = WORKGROUP
# server string is the equivalent of the NT Description field
server string = Samba Server
# Security mode. Defines in which mode Samba will operate. Possible
# values are share, user, server, domain and ads. Most people will want
# user level security. See the Samba-HOWTO-Collection for details.
security = share
# This option is important for security. It allows you to restrict
# connections to machines which are on your local network. The
# following example restricts access to two C class networks and
# the "loopback" interface. For more examples of the syntax see
# the smb.conf man page
; hosts allow = 192.168.1. 192.168.2. 127.
# If you want to automatically load your printer list rather
# than setting them up individually then you'll need this
load printers = yes
# you may wish to override the location of the printcap file
; printcap name = /etc/printcap
# on SystemV system setting printcap name to lpstat should allow
# you to automatically obtain a printer list from the SystemV spool
# system
; printcap name = lpstat
# It should not be necessary to specify the print system type unless
# it is non-standard. Currently supported print systems include:
# bsd, cups, sysv, plp, lprng, aix, hpux, qnx
; printing = cups
# Uncomment this if you want a guest account, you must add this to /etc/passwd
# otherwise the user "nobody" is used
; guest account = pcguest
# this tells Samba to use a separate log file for each machine
# that connects
log file = /var/samba/log/log.%m
# Put a capping on the size of the log files (in Kb).
max log size = 50
# Use password server option only with security = server
# The argument list may include:
# password server = My_PDC_Name [My_BDC_Name] [My_Next_BDC_Name]
# or to auto-locate the domain controller/s
# password server = *
; password server = <NT-Server-Name>
# Use the realm option only with security = ads
# Specifies the Active Directory realm the host is part of
; realm = MY_REALM
# Backend to store user information in. New installations should
# use either tdbsam or ldapsam. smbpasswd is available for backwards
# compatibility. tdbsam requires no further configuration.
passdb backend = smbpasswd
# Using the following line enables you to customise your configuration
# on a per machine basis. The %m gets replaced with the netbios name
# of the machine that is connecting.
# Note: Consider carefully the location in the configuration file of
# this line. The included file is read at that point.
; include = /usr/sfw/lib/smb.conf.%m
# Configure Samba to use multiple interfaces
# If you have multiple network interfaces then you must list them
# here. See the man page for details.
; interfaces = 192.168.12.2/24 192.168.13.2/24
# Browser Control Options:
# set local master to no if you don't want Samba to become a master
# browser on your network. Otherwise the normal election rules apply
; local master = no
# OS Level determines the precedence of this server in master browser
# elections. The default value should be reasonable
; os level = 33
# Domain Master specifies Samba to be the Domain Master Browser. This
# allows Samba to collate browse lists between subnets. Don't use this
# if you already have a Windows NT domain controller doing this job
; domain master = yes
# Preferred Master causes Samba to force a local browser election on startup
# and gives it a slightly higher chance of winning the election
; preferred master = yes
# Enable this if you want Samba to be a domain logon server for
# Windows95 workstations.
; domain logons = yes
# if you enable domain logons then you may want a per-machine or
# per user logon script
# run a specific logon batch file per workstation (machine)
; logon script = %m.bat
# run a specific logon batch file per username
; logon script = %U.bat
# Where to store roving profiles (only for Win95 and WinNT)
# %L substitutes for this servers netbios name, %U is username
# You must uncomment the [Profiles] share below
; logon path = \\%L\Profiles\%U
# Windows Internet Name Serving Support Section:
# WINS Support - Tells the NMBD component of Samba to enable it's WINS Server
; wins support = yes
# WINS Server - Tells the NMBD components of Samba to be a WINS Client
# Note: Samba can be either a WINS Server, or a WINS Client, but NOT both
; wins server = w.x.y.z
# WINS Proxy - Tells Samba to answer name resolution queries on
# behalf of a non WINS capable client, for this to work there must be
# at least one WINS Server on the network. The default is NO.
; wins proxy = yes
# DNS Proxy - tells Samba whether or not to try to resolve NetBIOS names
# via DNS nslookups. The default is NO.
dns proxy = no
# These scripts are used on a domain controller or stand-alone
# machine to add or delete corresponding unix accounts
; add user script = /usr/sbin/useradd %u
; add group script = /usr/sbin/groupadd %g
; add machine script = /usr/sbin/adduser -n -g machines -c Machine -d /dev/null -s /bin/false %u
; delete user script = /usr/sbin/userdel %u
; delete user from group script = /usr/sbin/deluser %u %g
; delete group script = /usr/sbin/groupdel %g
#============================ Share Definitions ==============================
[homes]
comment = Home Directories
browseable = no
writable = yes
# Un-comment the following and create the netlogon directory for Domain Logons
; [netlogon]
; comment = Network Logon Service
; path = /usr/sfw/lib/netlogon
; guest ok = yes
; writable = no
; share modes = no
# Un-comment the following to provide a specific roving profile share
# the default is to use the user's home directory
;[Profiles]
; path = /usr/local/samba/profiles
; browseable = no
; guest ok = yes
# NOTE: If you have a BSD-style print system there is no need to
# specifically define each individual printer
[printers]
comment = All Printers
path = /var/spool/samba
browseable = no
# Set public = yes to allow user 'guest account' to print
guest ok = no
writable = no
printable = yes
# This one is useful for people to share files
;[tmp]
; comment = Temporary file space
; path = /tmp
; read only = no
; public = yes
# A publicly accessible directory, but read only, except for people in
# the "staff" group
;[public]
; comment = Public Stuff
; path = /home/samba
; public = yes
; writable = no
; printable = no
; write list = @staff
# Other examples.
# A private printer, usable only by fred. Spool data will be placed in fred's
# home directory. Note that fred must have write access to the spool directory,
# wherever it is.
;[fredsprn]
; comment = Fred's Printer
; valid users = fred
; path = /homes/fred
; printer = freds_printer
; public = no
; writable = no
; printable = yes
# A private directory, usable only by fred. Note that fred requires write
# access to the directory.
;[fredsdir]
; comment = Fred's Service
; path = /usr/somewhere/private
; valid users = fred
; public = no
; writable = yes
; printable = no
# a service which has a different directory for each machine that connects
# this allows you to tailor configurations to incoming machines. You could
# also use the %U option to tailor it by user name.
# The %m gets replaced with the machine name that is connecting.
;[pchome]
; comment = PC Directories
; path = /usr/pc/%m
; public = no
; writable = yes
# A publicly accessible directory, read/write to all users. Note that all files
# created in the directory by users will be owned by the default user, so
# any user with access can delete any other user's files. Obviously this
# directory must be writable by the default user. Another user could of course
# be specified, in which case all files would be owned by that user instead.
;[public]
; path = /usr/somewhere/else/public
; public = yes
; only guest = yes
; writable = yes
; printable = no
# The following two entries demonstrate how to share a directory so that two
# users can place files there that will be owned by the specific users. In this
# setup, the directory should be writable by both users and should have the
# sticky bit set on it to prevent abuse. Obviously this could be extended to
# as many users as required.
;[myshare]
; comment = Mary's and Fred's stuff
; path = /usr/somewhere/shared
; valid users = mary fred
; public = no
; writable = yes
; printable = no
; create mask = 0765
[Series]
comment = TV Series
path = /home/Kirby/Series
public = yes
only guest = yes
writable = yes
printable = no875739 wrote:
Hi Im new to solaris and trying out ZFS which has been great.
Im haivng some trouble that I cant find up to date info on so here goes:
First how do you mount an NTFS volume in Solaris 11 Express?
I need to access the data on an NTFS drive to populate my new ZFS tank.I never had a need for it but I think you'll have to compile fuse ntfs-3g manually.
http://web.archiveorange.com/archive/v/u46DbWSGcIzl7pexf4hQ
>
Secondly, I have read only access on my samba shares from windows machines but my smb.conf looks right. a copy of my smb.conf will follow
Any suggestions would be appreciated.You don't need to use Samba in Solaris 11 Express.
http://download.oracle.com/docs/cd/E19963-01/html/821-1448/gaynd.html#gayne -
[SOLVED] how to use diffrent iptables rules for different ppp account?
x86 plantform run arch linux system , have two network interface etn1 eth0 .eth1 connect to internet. eth0 connect to other terminals through switch. want use different iptables rules for different pppoe account .also want to know how to forbidden more than one terminals established pppoe link use same account at the same time .
Last edited by linuxsir (2013-09-26 06:48:01)(You establish PPPoE sessions over the local network to the Arch machine? Which then routes the traffic?)
first question ,yes that is exactly what i am done. second question i also have a small scripts on windows pc to solve routes traffic problem
route -p delete 0.0.0.0
route -p add 192.168.9.0 mask 255.255.255.0 192.168.9.1
route -p add 0.0.0.0 mask 0.0.0.0 192.168.22.0
but after a while i found scripts is not necessary because windows always attempt to use PPPoE sessions as default internet connection local connection is also ok
and use -i pppX in my iptables rules dose not solve my problem , because same account start PPPoE session could be marked as ppp0 or ppp1. it is hard to identified which account start session. -
Error while creating a Solaris Resource
I got the following error while creating the following solaris resource:
Test connection failed for resource(s):
Solaris: Script failed waiting for "ASSWORD:" in response "_,)#+(:" ==> com.waveset.util.WavesetException: Script processor timed out with nothing to read and the following unprocessed text: "_,)#+(:".\n
I have the sudo permissions for the following commands:
(ALL) NOPASSWD: /usr/bin/auths, /usr/sbin/groupadd, /usr/sbin/groupdel, /usr/sbin/groupmod, /usr/bin/last, /usr/bin/listusers, /usr/bin/logins, /usr/bin/passwd, /usr/bin/profiles, /usr/bin/roles, /usr/sbin/useradd, /usr/sbin/userdel, /usr/sbin/usermod, /usr/bin/ypmatch, /usr/bin/ypcat, /usr/bin/ypasswd, /usr/bin/awk, /usr/bin/cat, /usr/bin/chmod, /usr/bin/chown, /usr/bin/cp, /usr/bin/cut, /usr/bin/diff, /usr/bin/echo, /usr/bin/grep, /usr/bin/ls, /usr/bin/mv, /usr/bin/rm, /usr/bin/sleep, /usr/bin/sort, /usr/bin/tail, /usr/bin/touch, /usr/bin/which
Please let me know what could be the problem?This doesn't look like a Sun Directory Server issue. You may want to post this to another forum.
Regards,
Ludovic. -
Error ora-15081 (and several others) while creating a new db in Solaris
Hi all,
OS: Solaris 11
DB: 11.2.0.3.5 (2 node rac)
While creating a new db on a Solaris 11 env, via dbca, the following stack error appeared to me:
ORA-19624: operation failed, retry possible
ORA-19870: error while restoring backup piece path[...]
ORA-19504: failed to create file "+MYDG"
ORA-00372: file cannot be modified at this time
ORA-15196: invalid ASM block header [kfc.c:19572] [1] [257] [0 != 821602346]
ORA-15081: failed to submit an I/O operation to a disk
ORA-15066: offlining disk "dsk_0001" in group "MYDG" may result in data loss
ORA-06512: at SYS.X$DBMS_BACKUP_RESTORE, line5827The dbca (ran as oracle user) aborts at 15%.
There are a lot of errors in this stack, and i'm not pretty sure which error is the main cause of this issue, but I think it's the "ORA-15081: failed to submit an I/O operation to a disk" that is the bad guy here. I did some researches and found that some possible sollutions:
1) One said that this error might be caused by bad permissions on the raw devices used in the "MYDG" diskgroup (i'm using 6 devices with external redundancy), but my devices are all with the grid:asmadmin and 660 permissions
2) Another said that this might be a problem with the owner:group of the oracle binaries. In ny installation the oracle binaries ($ORACLE_HOME/bin) are with the oracle:oinstall. I thougth of addind the asmadmin group to the oracle user, but i'm not sure what are the implications of this change. What do you thing?
What am I doing wrong and how can i solve it?
Thanks in advance for your pacience and attention.Here follows the output:
NAME MOUNT_S HEADER_STATU MODE_ST STATE GROUP_NUMBER PATH
DG02HML_0000 CACHED MEMBER ONLINE NORMAL 3 /dev/rdsk/c0t60060E8005487F000000487F000 00500d0s0
DG02HML_0001 CACHED MEMBER ONLINE NORMAL 3 /dev/rdsk/c0t60060E8005487F000000487F000 00502d0s0
DG02HML_0002 CACHED MEMBER ONLINE NORMAL 3 /dev/rdsk/c0t60060E8005487F000000487F000 00504d0s0
DG02HML_0003 CACHED MEMBER ONLINE NORMAL 3 /dev/rdsk/c0t60060E8005487F000000487F000 00506d0s0
DG02HML_0004 CACHED MEMBER ONLINE NORMAL 3 /dev/rdsk/c0t60060E8005487F000000487F000 00508d0s0
DG02HML_0005 CACHED MEMBER ONLINE NORMAL 3 /dev/rdsk/c0t60060E8005487F000000487F000 0050Ad0s0 -
How to create HP LaserJet 2420 printer queue on Solaris 10
Hi Solaris Gurus,
I am having difficulty creating a printer queue for HP LaserJet 2420 on Solaris 10 (11/9) Sparc (Sun Fire T5220) server. A popular method used is with hppi (HP Jet Direct) tool but it does not have the exact printer driver and alternative printer drivers (e.g. HP LaserJet 4 / 4M, HP LaserJet 2000 series) resulted in only part of the text occupying the wrong side of an A5 page.
An alternative approach that has worked in the past for simple default paper tray 2 (single paper tray), with tray 1 reserved for manual feed. This method involves creating a working printer queue on a Windows workstation (XP) / server (2000) with the correct driver and having configured to support Unix printing to receive LPR request from Unix systems in general. A remote printer queue would then be defined on Solaris 10 system which points to the Windows system. However, the printing jobs kept going to tray 1 (top manual feed) even though the Windows printer queue was configured to go to tray 3 (bottom tray).
The earlier method would be simplest but needs the right driver (PDD) but I don’t know where to find it. The latter approach is also not working despite having got the right driver on Windows. A test page on the target Windows printer queue would print to tray 3 (bottom tray) of the printer correctly.
Printmgr does not work well with HP printers from experience. It is good for serial and local printers.
Your advice would be much appreciated.
Thanks,
CrystalHi Giogio, and welcome to the HP Forums.
I am sorry to be the bearer of this news, but do the age of the printer, it is not supported by Mac OS X 10.9. I am including a list below of the supported printers from Apple:
OS X: Printer and scanner software available for download.
For more information, I would recommend contacting the Apple Support Communities.
Thank you for posting on the HP Forums.
Please click “Accept as Solution " if you feel my post solved your issue, it will help others find the solution.
Click the “Kudos, Thumbs Up" on the right to say “Thanks" for helping!
Jamieson
I work on behalf of HP
"Remember, I'm pulling for you, we're all in this together!" - Red Green. -
PMTU discovery in IPv6 based on IPV6_RECVPATHMTU in Solaris 10
Our application works with raw sockets and needs to discover PMTU of IPv6 paths.
According to the RFC-3542 (http://tools.ietf.org/html/rfc3542, section 11) the socket option IPV6_RECVPATHMTU allows applications to know about the change of path MTU by receipt of new ancillary data item (IPV6_PATHMTU) which is delivered to recvmsg() without any actual data. Following construction should be used to enable this option:
int on = 1;
setsockopt(fd, IPPROTO_IPV6, IPV6_RECVPATHMTU, &on, sizeof(on));In the online Sun documentation I found that this socket option is supported since Solaris 10 (http://docs.sun.com/app/docs/doc/816-5177/ip6-7p).
However, in our test this socket option appears to be not working. After decrease of the PMTU via ifconfig and sending a big enough packet an ICMP (Packet Too Big) is received but there is no event with ancillary data item on the socket.
One peculiarity that may be essential is that our application binds to a specific port in a raw socket (i.e. to IP address : port pair).
Does anyone have information if the IPV6_RECVPATHMTU socket option is really supported in Solaris 10?
Probably, ICMP should be off to be able to receive this event with ancillary data on the socket?
Will appreciate any ideas how to make it working.
Thanks in advance,
Mike.Hi,
I have a Sunfire V100 - and have the exact same problem. The settings are correct; I have configure dual-NIC cards many times in the past - but this issue is simply eluding me. I can swap in a Linux machine in router / ip forwarding mode and there are no problems, but when I put back in the Sunfire I encounter the same issues you have.
In effect, packets from the LAN arrive at the NIC on the Solaris machine, but then don't get forwarded to the other NIC's gateway. I'm at a loss, but I have seen this problem pop-up (without answer) a half-dozen times in this forum alone, and multiple times on different support sites. Did you (or anyone) ever come across a solution for this? Is this not some easily overlooked yet possibly cryptic flag or variable that I've missed? Anyone?
Maybe you are looking for
-
If you registrate one Apple ID for each iPhone/iPad, you'll get 5GB on iCloud for each Apple ID, right? I have two iPhones and one iPad with the same Apple ID, why can't I get 5 GB fo each of them?
-
Migration software from SAP R/3 to Oracle eBusiness Suite
Is there any Oracle product which can migrate an Oracle 9i R2 database for SAP R3 to eBusiness Suite? Has any one successfully integrated an SAP R/3 system with eBusiness Suite?
-
HT1203 How do I get my music from the iTunes library to my iPod touch?
How do I get my music from the iTunes library to my iPod touch?
-
How to make Dependent LOV in tablular form
Hi, We created a tabular form. Example: We have two form fileds with LOVs A and B. Based on select list A, we need to refresh the second list B. Just like cascading LOV option in normal form(apart from Tabular form) Please provide your valueble input
-
Query to select records between 2 different times
Hi all, With trap_store table as (trap_id number,trap_received date)) and trap_time table as (from_time varchar2(10),to_time varchar(10)) How to i select records from trap_store table where time part of trap_received is between from_time and to_time