HP-UX IPFilter V17.05 Administrator Guide
11 HP-UX IPFilter and ICMP............................................................................................99
11.1 Filtering ICMPv4 Packets by Type and Code (icmp-type and code)............................................99
11.2 Configuring ICMPv4 Kernel Parameters....................................................................................100
11.2.1 Dead Gateway Detection (ip_ire_gw_probe)......................................................................101
11.2.1.1 IPFilter Configuration..................................................................................................101
11.2.2 ICMP Source Quench (ip_send_source_quench)................................................................101
11.2.2.1 IPFilter Configuration..................................................................................................101
11.2.3 ICMP Redirects (ip_send_redirects)....................................................................................102
11.2.3.1 IPFilter Configuration..................................................................................................102
11.2.4 PMTU Discovery (ip_pmtu_strategy).................................................................................102
11.2.4.1 IPFilter Configuration..................................................................................................102
11.2.5 ICMP Echo Request Broadcasts (ip_respond_to_echo_broadcast).....................................103
11.2.6 Using ndd to Configure ICMPv4 Kernel Parameters..........................................................103
11.3 Filtering ICMPv6 Packets by Type and Code (icmpv6–type and code)......................................104
11.4 Controlling ICMPv6 Router Discovery and Neighbor Discovery Messages..............................105
11.4.1 Configuring ipf_icmp6_passthru........................................................................................105
11.4.1.1 Configuring ipf_icmp6_passthru on HP-UX 11i v2 and HP-UX 11i v3......................105
11.4.1.2 Configuring ipf_icmp6_passthru on HP-UX 11i v1....................................................105
12 HP-UX IPFilter and FTP.............................................................................................107
12.1 FTP Basics....................................................................................................................................107
12.2 WU-FTPD on HP-UX...................................................................................................................107
12.3 Running an FTP Server................................................................................................................108
12.3.1 Active FTP............................................................................................................................108
12.3.2 Passive FTP..........................................................................................................................108
12.4 Running an FTP Client................................................................................................................108
12.4.1 Active FTP............................................................................................................................108
12.4.2 Passive FTP..........................................................................................................................109
13 HP-UX IPFilter and NFS and RPC...........................................................................111
13.1 Introduction.................................................................................................................................111
13.2 Configuring NFS to Use Fixed Ports...........................................................................................111
13.3 Using the rpc.ipfboot Script to Update IPFilter Rules.................................................................112
13.3.1 Rules Files............................................................................................................................112
13.3.2 RPC Rules Configuration File..............................................................................................113
14 HP-UX IPFilter and IPSec .........................................................................................115
14.1 IPFilter and IPSec Basics..............................................................................................................115
14.2 IPSec UDP Negotiation................................................................................................................115
14.3 When Traffic Appears to Be Blocked...........................................................................................116
14.4 Allowing Protocol 50 and Protocol 51 Traffic..............................................................................117
14.5 IPSec Gateways............................................................................................................................118
15 HP-UX IPFilter and Serviceguard............................................................................119
15.1 Using HP-UX IPFilter with Serviceguard ...................................................................................119
15.1.1 Enabling or Disabling IPFilter.............................................................................................119
15.1.2 Local Failover.......................................................................................................................119
15.1.3 Remote Failover...................................................................................................................120
15.1.3.1 Filtering on a Package IP Address...............................................................................120
15.1.3.2 Mandatory Rules.........................................................................................................120
15.1.3.2.1 Rules for Intra-Cluster Communication..............................................................121
Table of Contents 7