HP-UX IPFilter v18.21 Administrator Guide HP-UX 11i v3 (761995-001, March 2014)

ManualsBrandsHP ManualsSoftwareHP-UX IPFilter Software

Supported utilities.................................................................................................................102

Unsupported utilities..............................................................................................................103

Supported and unsupported interfaces....................................................................................103

B HP-UX IPFilter configuration examples........................................................106

BASIC_1.FW........................................................................................................................106

BASIC_2.FW.......................................................................................................................107

example.1............................................................................................................................108

example.2...........................................................................................................................108

example.3...........................................................................................................................108

example.4...........................................................................................................................109

example.5...........................................................................................................................109

example.6...........................................................................................................................109

example.7...........................................................................................................................110

example.8...........................................................................................................................110

example.9...........................................................................................................................110

example.10..........................................................................................................................110

example.11..........................................................................................................................110

example.12..........................................................................................................................111

example.13..........................................................................................................................111

example.sr...........................................................................................................................112

firewall................................................................................................................................113

server..................................................................................................................................113

tcpstate...............................................................................................................................113

BASIC.NAT..........................................................................................................................114

nat.eg.................................................................................................................................114

nat-setup.............................................................................................................................115

ipmon.conf..........................................................................................................................116

pool.conf.............................................................................................................................116

C HP-UX IPFilter kernel tunable parameters....................................................117

Overview............................................................................................................................117

fr_tcpidletimeout...................................................................................................................117

fr_statemax..........................................................................................................................118

ipf_icmp6_passthru...............................................................................................................118

ipl_buffer_sz........................................................................................................................118

Displaying logging buffer statistics.....................................................................................118

ipl_suppress.........................................................................................................................119

ipl_logall.............................................................................................................................119

Configuring and viewing kernel tunable parameters..................................................................119

Configuring kernel tunable parameters on HP-UX 11i v3........................................................119

Configuring kernel tunable parameters on HP-UX 11i v1 and HP-UX 11i v2..............................119

Configuring kernel tunable parameters using ndd............................................................120

Configuring fr_statemax and fr_tcpidletimeout using kmtune or kctune................................120

Enabling and disabling NAT functionality................................................................................121

D HP-UX IPFilter static linking.......................................................................122

Overview............................................................................................................................122

Static linking of HP-UX IPFilter on HP-UX 11i v2 and HP-UX 11i v3................................................122

Static linking of HP-UX IPFilter on HP-UX 11i v1.........................................................................122

E Performance guidelines............................................................................124

System configuration.............................................................................................................124

Rule loading........................................................................................................................124

Rule configuration.................................................................................................................125

Traffic.................................................................................................................................126

8 Contents