HP-UX IPFilter V17.05 Administrator Guide HP-UX 11i v2 and HP-UX 11i v3
ipl_logall
cur_iplbuf_sz (read only)
On HP-UX 11i v1, you can also use the ndd utility to configure and view the
ipf_icmp6_passthru parameter, as described in Section 11.4 (page 77).
NOTE: You cannot add the IPFilter ndd variables to the ndd configuration file read at system
startup time (/etc/rc.config.d/nddconf). When the system starts up, the IPFilter ndd variables
are reset to their default values.
The network device for the IPFilter parameters is /dev/pfil. Use the following syntax to configure
the value of an IPFilter ndd kernel tunable parameter:
ndd -set /dev/pfil parameter_name value
For example:
ndd -set /dev/pfil ipl_logall 1
Use the following syntax to query the value of a kernel tunable:
ndd -get /dev/pfil parameter_name
For example:
ndd -get /dev/pfil ipl_logall
C.8.2.2 Configuring fr_statemax and fr_tcpidletimeout using kmtune or kctune
On HP-UX 11i v1 systems, use the kmtune utility to query and configure fr_statemax and
fr_tcpidletimeout values. On HP-UX 11i v2 systems, use the kctune utility to query and
query these values. For new values to take effect, you must unload, reconfigure, and reload the
ipf module as follows:
1. Unload the ipf module:
/sbin/init.d/ipfboot stop
2. On HP-UX 11i v1 systems, use the following kmtune syntax to set the value of the tunable
parameter:
kmtune -s parameter_name=value
For example:
kmtune -s fr_tcpidletimeout=10800 (3 hours)
On HP-UX 11i v2 systems, use the following kctune syntax to set the value of the tunable
parameter:
kctune -s parameter_name=value
For example:
kctune -s fr_statemax=6000
3. Configure the module for the new value using the following commands:
cd /stand/ipf
config -M ipf -u
4. Reload the ipf module:
/sbin/init.d/ipfboot start
C.9 Enabling and disabling NAT functionality
The new ipnat_enable tunable is provided to enable/disable NAT functionality. By default,
this tunable is set to 1. If you do not use NAT functionality, disabling this tunable will improve
performance.
NOTE: This available only on 11i v3.
114 HP-UX IPFilter kernel tunable parameters