My Oracle Support Banner

IPFilter service fails to start - error "protocol unknown error at "all" (Doc ID 1937262.1)

Last updated on OCTOBER 08, 2019

Applies to:

Solaris Operating System - Version 10 1/13 U11 and later
Information in this document applies to any platform.


The IPFilter service (svc:/network/ipfilter:default) can start or be restart in a maintenance state (SMF) and the following error can be seen in the SMF log file (/var/svc/log/network-ipfilter:default.log) :

protocol unknown error at "all", line <NUM>

This can happen with rules in /etc/ipf/ipf.conf that use "proto <PROTOCOL>" e.g.

pass in quick on <interface> proto tcp from any to 191.XXX.XXX.1 port = 2222 keep state

Other symptoms may be you will not be able an update the rule set, flush the rule set, or restart the service without the error appearing in the SMF log file.Reboot clears the issue though.


The underling problem is that IPFilter can not resolve the proto field through the configure name service. To test use:

# getent protocols tcp

or whichever protocol you are looking up indicated by the line number in the error message above.


To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!

In this Document

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.