HP-UX IPFilter V18.0 Administrator Guide for HP-UX 11i v3
processing.
-Q interface_name Queries if IPFilter processing is enabled or disabled for a given
interface. If you specify this option with the -6 option, it queries the
status of IPv6 IPFilter processing; if you specify this option without the
-6 option, it queries the status of IPv4 IPFilter processing.
The -E, -D, and -Q commands let you control IPFilter processing on
a given interface. For example, ipf -D lan0 disables IPv4 IPFilter
processing for traffic on lan0. The command ipf -6 -E lan0
enables IPv6 IPFilter processing on lan0. The ipf -Q lan0 command
queries if IPv4 IPFilter processing is enabled or disabled for lan0.
NOTE: All ipf actions are performed on the active rules file by default. To perform actions on
the inactive rules file, you must specify the -I option.
For a complete list of ipf options and their uses, see the ipf(5) and ipf(8) manpages.
10.1.3 Example
Enter the following command to load a ruleset:
ipf -Fa -f rules_file
10.2 The ipnat utility
Use the ipnat utility to view and load NAT rules. The default NAT rules file is /etc/opt/ipf/
ipnat.conf.
10.2.1 Syntax
ipnat -options full_path_name
10.2.2 Options
-f Reads rules from a specified rules file.
-l Lists NAT rules and active mappings.
-C Deletes the current ruleset.
-F Flushes active mappings.
-r Removes rules from the NAT rules file.
10.2.3 Example
Enter the following command:
ipnat -CF -f /etc/opt/ipf/ipnat.conf
This command flushes any existing NAT rules and removes any active mappings, then loads the
NAT rules in the ipnat.conf file.
10.3 The ipfilter utility (HP-UX 11i v3)
The ipfilter utility enables, disables, and reports the IPFilter state. The ipfilter utility is
supported only on HP-UX 11i v3.
10.3.1 Syntax
/opt/ipf/bin/ipfilter -d|e|q|l|ei|di
70 HP-UX IPFilter utilities