Manualshelf

HP-UX IPFilter v18.21 Administrator Guide HP-UX 11i v3 (761995-001, March 2014)

ManualsBrandsHP ManualsSoftwareHP-UX IPFilter Software
71727374757677787980
q
Queries whether DCA is disabled or enabled.
t
Toggles DCA between disabled or enabled.
There is a single DCA mode for both IPv4 and IPv6 DCA processing.
Specifying the -6 option with the -m option has no effect. See Section
(page 41) for more information about how to disable, enable, query,
or toggle DCA.
TIP: If you have no DCA rules (no keep limit rules), HP
recommends that you disable DCA.
-E interface_name Enables IPFilter processing for traffic on a given interface. If you specify
this option with the -6 option, it enables IPv6 IPFilter processing; if
you specify this option without the -6 option, it enables IPv4 IPFilter
processing.
-D interface_name Disables IPFilter processing for traffic on a given interface. If you specify
this option with the -6 option, it disables IPv6 IPFilter processing; if
you specify this option without the -6 option, it disables IPv4 IPFilter
processing.
-Q interface_name Queries if IPFilter processing is enabled or disabled for a given
interface. If you specify this option with the -6 option, it queries the
status of IPv6 IPFilter processing; if you specify this option without the
-6 option, it queries the status of IPv4 IPFilter processing.
The -E, -D, and -Q commands let you control IPFilter processing on
a given interface. For example, ipf -D lan0 disables IPv4 IPFilter
processing for traffic on lan0. The command ipf -6 -E lan0
enables IPv6 IPFilter processing on lan0. The ipf -Q lan0 command
queries if IPv4 IPFilter processing is enabled or disabled for lan0.
NOTE: All ipf actions are performed on the active rules file by default. To perform actions on
the inactive rules file, you must specify the -I option.
For a complete list of ipf options and their uses, see the ipf(5) and ipf(8) manpages.
Example
Enter the following command to load a ruleset:
ipf -Fa -f rules_file
The ipnat utility
Use the ipnat utility to view and load NAT rules. The default NAT rules file is /etc/opt/ipf/
ipnat.conf.
Syntax
ipnat -options full_path_name
Options
-f Reads rules from a specified rules file.
-l Lists NAT rules and active mappings.
The ipnat utility 75