HP-UX IPFilter A.03.05.13 Release Notes: HP-UX 11i v3
HP-UX IPFilter Release Notes
Enhancements
Chapter 1 13
Kernel Tunables
The ndd command and its variables are no longer supported. HP-UX IPFilter now uses the
kctune command to query and configure kernel tunables.
The available kernel tunables are:
The ipl_buffer_sz tunable allows you to modify the size of the logging buffer. To check the
size of the log buffer and buffer space currently used, use the ipfstat –B command.
NOTE The ability to check the log buffer size and space used was previously done
using the ndd tunable cur_iplbuf_sz. This functionality has been replaced by
the ipfstat -B command.
For more information on any of these enhancements, see the HP-UX IPFilter A.03.05.13
Administrator’s Guide.
Name of Tunable Description
fr_tcpidletimeout The timeout period of states kept on TCP connections that are idle.
fr_statemax Restricts the number of state entries that can be created.
ipl_buffer_sz Used to modify the size of the IPFilter logging buffer for /dev/ipl.
ipl_suppress If set, does not print identical log records separately, but counts
them as Nx, where N is the number of times the log record occurs.
ipl_logall If set, the entire packet is logged. Otherwise, only the first 128
bytes are logged. This should be used with the log body rules.