HP-UX IPFilter A.03.05.12 Release Notes HP-UX 11.0, HP-UX 11i version 1, and HP-UX 11i version 2 September 2005 Documentation Web Site: http://www.docs.hp.com Manufacturing Part Number : B9901-90030 E0905 United States © Copyright 2001-2005 Hewlett-Packard Development Company, L.P.
Legal Notices The information contained herein is subject to change without notice. Warranty The only warranties for HP products and services are set forth in the express warranty statements accompanying such products and services. Nothing herein should be construed as constituting an additional warranty. HP shall not be liable for technical or editorial errors or omissions contained herein. U.S. Government License Confidential computer software.
HP-UX IPFilter Release Note Announcement 1 HP-UX IPFilter Release Note Announcement HP-UX IPFilter, product number B9901AA version A.03.05.12 is a TCP/IP packet filter suitable for use as a system firewall to protect application servers. Although HP-UX IPFilter is a superset of the functionality in the IPFilter 3.5 Alpha 5 open source version of the product, HP does not support some of the perimeter firewall features in that release.
HP-UX IPFilter Release Note What’s in This Version What’s in This Version Benefits and Features HP-UX IPFilter is a system firewall that filters the IP level packets that travel in or out of a system. The firewall functions as a security defense by cutting down the number of exposure points on a machine. HP-UX IPFilter is based on IP Filter Version 3.5 Alpha 5 from the open source community (developed by Darren Reed). The HP-UX IPFilter Version A.03.05.12 product is supported on HP-UX 11.
HP-UX IPFilter Release Note Known Problems and Workarounds Known Problems and Workarounds • HP-UX IPFilter does not work with IPv6. • The startup script for HP-UX IPFilter automatically disables the ip_forward_directed_broadcasts parameter. This keeps the system from being subjected to broadcast-storm attacks that can bring down a network.
HP-UX IPFilter Release Note Unsupported Features Unsupported Features The following list of utilities and commands are a part of the open source IPFilter product. These utilities and commands are included with HP-UX IPFilter, but are not supported by HP.
HP-UX IPFilter Release Note Supported and Unsupported Interfaces Supported and Unsupported Interfaces The following table lists the interfaces supported for each version of HP-UX IPFilter. CAUTION For all versions of HP-UX IPFilter, the unsupported interfaces do not interact with IPFilter. IPFilter does not block or protect the system from traffic on unsupported interfaces. HP-UX IPFilter is not tested with any third party products.
HP-UX IPFilter Release Note Supported and Unsupported Interfaces Table 1-1 HP-UX IPFilter Supported Interfaces (Continued) HP-UX IPFilter Version Supported Interfaces A.03.05.09 • Ethernet (10Base-T) A.03.05.08 • Fast Ethernet (100Base-T) A.03.05.07 • Gigabit Ethernet (1000Base-T) A.03.05.06 • APA A.03.05.05 • VLAN A.03.05.04 • FDDI A.03.05.03 • Token Ring A.03.05.02 • Ethernet (10Base-T) • Fast Ethernet (100Base-T) • Gigabit Ethernet (1000Base-T) • APA • VLAN A.03.05.
HP-UX IPFilter Release Note Compatibility Information and Installation Requirements Compatibility Information and Installation Requirements Software Requirements The system must have standard HP-UX 11.0, HP-UX 11i version 1, or HP-UX 11i version 2 core products installed on it. It must also have the following patches: For HP-UX 11i version 2, no patches are required, but it is recommended that you install the HP-UX 11i version 2 September 2004 update. NOTE • HP-UX 11.
HP-UX IPFilter Release Note Compatibility Information and Installation Requirements — HP-UX 11.0 64-bit system PHKL_23329 (or newer replacement) S700_800 11.00 kmadmin name truncation, load, autoload — HP-UX 11i version 1 32-bit system PHKL_22994 (or newer replacement) S700_800 11.11 fixes DLKM load unreg+text size panics — HP-UX 11i version 1 64-bit system PHKL_22994 (or newer replacement) S700_800 11.
HP-UX IPFilter Release Note Compatibility Information and Installation Requirements Disk Space Required for Installation This product requires 10 Mbytes of disk space.
HP-UX IPFilter Release Note Enhancements Enhancements No Sync Pre-Enablement HP-UX IPFilter A.03.05.12 is pre-enabled to support the NOSYNC method of Streams synchronization. NOTE In addition to IPFilter, the complete NOSYNC solution involves changes in Streams, Transport, and DLPI; the complete solution is not yet available. The HP-UX IPFilter release note will be updated with the necessary enhancement details and dependencies when the complete solution is available.
HP-UX IPFilter Release Note Fixes in This Version Fixes in This Version Fixes for HP-UX 11i version 2 The following table shows a problem that has been fixed in HP-UX IPFilter version A.03.05.12 for HP-UX 11i version 2. Table 1-2 Fixes for HP-UX 11i version 2 SR Number 8606365789 Description (JAGaf26419)—Incorrect or unnecessary message during local failover Fixes for HP-UX 11i version 1 and HP-UX 11i version 2 The following table shows a problem that has been fixed in HP-UX IPFilter version A.03.05.
HP-UX IPFilter Release Note Fixes in This Version Enhancements for HP-UX 11i version 1 and HP-UX 11i version 2 The following table shows enhancements that have been made in HP-UX IPFilter version A.03.05.12 for HP-UX 11i version 1 and HP-UX 11i version 2.
HP-UX IPFilter Release Note List of Documents Available with Product List of Documents Available with Product The list below contains documentation related to the HP-UX IPFilter product. • HP-UX IPFilter A.03.05.12 Administrator’s Guide (B9901-90029) • HP-UX IPFilter A.03.05.12 Release Note (B9901-90030) HP-UX IPFilter documentation is available from the following sources: • The HP Technical Documentation Web Site at http://docs.hp.com/hpux/internet/index.
