--- a/components/openssh/sources/ssh.xml Tue Mar 22 18:37:14 2016 -0700
+++ b/components/openssh/sources/ssh.xml Wed Mar 23 08:57:50 2016 -0700
@@ -49,13 +49,6 @@
<service_fmri value='svc:/system/utmp' />
</dependency>
- <dependency name='network_ipfilter'
- grouping='optional_all'
- restart_on='error'
- type='service'>
- <service_fmri value='svc:/network/ipfilter:default' />
- </dependency>
-
<dependency name='config_data'
grouping='require_all'
restart_on='restart'
@@ -120,20 +113,6 @@
value='solaris.smf.manage.ssh' />
</property_group>
- <property_group name='firewall_context' type='com.sun,fw_definition'>
- <propval name='name' type='astring' value='ssh' />
- <propval name='ipf_method' type='astring'
- value='/lib/svc/method/sshd ipfilter' />
- </property_group>
-
- <property_group name='firewall_config' type='com.sun,fw_configuration'>
- <propval name='policy' type='astring' value='use_global' />
- <propval name='apply_to' type='astring' value='' />
- <propval name='exceptions' type='astring' value='' />
- <propval name='value_authorization' type='astring'
- value='solaris.smf.value.firewall.config' />
- </property_group>
-
<property_group name='sysconfig' type='sysconfig'>
<stability value='Unstable' />
<propval name='group' type='astring' value='network' />
--- a/components/openssh/sources/sshd.sh Tue Mar 22 18:37:14 2016 -0700
+++ b/components/openssh/sources/sshd.sh Wed Mar 23 08:57:50 2016 -0700
@@ -4,7 +4,6 @@
#
. /lib/svc/share/smf_include.sh
-. /lib/svc/share/ipf_include.sh
SSHDIR=/etc/ssh
KEYGEN="/usr/bin/ssh-keygen -q"
@@ -44,24 +43,6 @@
fi
}
-create_ipf_rules()
-{
- FMRI=$1
- ipf_file=`fmri_to_file ${FMRI} $IPF_SUFFIX`
- policy=`get_policy ${FMRI}`
-
- #
- # Get port from /etc/ssh/sshd_config
- #
- tports=`grep "^Port" /etc/ssh/sshd_config 2>/dev/null | \
- awk '{print $2}'`
-
- echo "# $FMRI" >$ipf_file
- for port in $tports; do
- generate_rules $FMRI $policy "tcp" "any" $port $ipf_file
- done
-}
-
remove_key()
{
keypath=$1
@@ -166,10 +147,6 @@
# SMF arguments (start and restart [really "refresh"])
-'ipfilter')
- create_ipf_rules $2
- ;;
-
'start')
#
# If host keys don't exist when the service is started, create