April 5th, 2005, 09:32
I have a Oracle server running on Solaris 9. I compliled and installed ipf, and it is working properly. To allow SQnEt access to the Oracle server I opened up ports 1521 and 1526, but still could not establish a connection. After doing some research I dicovered that Oracle uses 1521 and 1526 as "control" ports. So any incoming connections initially start out on 1521 and 1526, and are then dumped over to another random port. To make matters even more complicated there is no way within Oracle to define a range of ports for the subsequent connections to be passed off to. Does ipf support any type of connection tracking?

April 6th, 2005, 00:41
You can keep state in ipf. Should work for you. We use ipf/oracle/solaris a bunch. Message me if you have problems.

April 8th, 2005, 10:16
i got it working with the later version of ipf
version ip_fil3.4.35 and pfil-2.1.5

what version are you using?