HP-UX IPFilter V17.05 Administrator Guide

Table of Contents
About This Document
Intended Audience
New and Changed Information in This Edition
Fixes for HP-UX 11i v3
Typographic Conventions
Related Information
Publishing History
HP Encourages Your Comments
1 Overview
1.1 Benefits and Features
1.2 Supported and Unsupported Features
2 Installing HP-UX IPFilter
2.1 Overview of HP-UX IPFilter Installation
2.1.1 Installation and Configuration Checklist
2.2 Step 1: Checking HP-UX IPFilter Installation Prerequisites
2.3 Step 2: Installing HP-UX IPFilter
2.4 Step 3: Verifying the Installation
2.5 Step 4: (Optional) Modifying Kernel Tunable Parameters
2.6 Removing HP-UX IPFilter
3 Configuring and Loading IPv4 Filter Rules
3.1 IPv4 Filter Rules Configuration File
3.1.1 Format
3.1.2 Rule Order and Processing
3.2 Basic Rule Syntax: Specifying the Action, Direction, Protocol, IP Addresses, and Ports
3.2.1 pass and block: Specifying the Filter Action
3.2.2 in and out: Specifying the Filter Direction
3.2.3 proto: Specifying the Upper Layer Protocol
3.2.4 from and to: Specifying IP Addresses and Subnets
3.2.4.1 Examples
3.2.4.2 all: Specifying All IP Addresses
3.2.4.2.1 Example
3.2.5 port: Specifying TCP and UDP Ports
3.2.5.1 Service Names
3.3 Rate-based Filtering
3.4 Processing Options: Logging Packets, Optimizing Rule Processing, and Specifying Interfaces
3.4.1 Option Order
3.4.2 log: Logging Packets
3.4.3 quick: Optimizing IPFilter Rules Processing
3.4.4 on: Filtering by Network Interfaces
3.5 Protocol Options: TCP Flags, IP Options and Fragments, ICMP Types and State Information
3.5.1 Option Order
3.5.2 flags: Specifying TCP Header Flags
3.5.3 with opt and ipopts: Specifying IP Options
3.5.3.1 not opt: Specifying Options Not Set
3.5.3.2 ipopts: Specifying Any IP Options