HP-UX IPFilter Version 15.01 Administrator's Guide
Unsupported Features
HP-UX IPFilter does not support the following features:
• Filtering loopback packets. The HP-UX transport stack is optimized so that loopback packets
are not passed to any modules below IP, such as IPFilter. Loopback packets include the
following:
— Packets with the destination address in the range 127.0.0.0 - 127.255.255.255
— Packets with a destination address that is assigned to a local network interface card
— Packets sent to or received from the loopback interface (lo0)
• IPFilter NAT functionality for IPv6
• Dynamic Connection Allocation (DCA) functionality for IPv6 on HP-UX 11i v1
• Using the Remote Procedure Call (RPC) script /etc/opt/ipf/rpc.ipf with IPv6. This
script generates IPFilter rules for RPC ports.
Supported Utilities
HP-UX IPFilter supports the following utilities:
• /sbin/ipf
• /sbin/ipfstat
• /opt/ipf/bin/ipmon
• /opt/ipf/bin/ipftest
• /sbin/ipnat
• /opt/ipf/bin/ipfilter (supported on HP-UX 11i v3 only)
Unsupported Utilities
HP does not support the following public domain IPFilter utilities and commands:
• Rule keywords
— dup-to
— fastroute
— to
• Commands
— ipscan
— ipsyncs
— ipsyncm
— ipfs
— ipsend
— ipresend
• Application proxy
Supported and Unsupported Interfaces
The following table lists the interfaces supported for the two most current versions of HP-UX
IPFilter.
CAUTION: For all versions of HP-UX IPFilter, the unsupported interfaces do not interact with
IPFilter. IPFilter does not block or protect the system from traffic on unsupported interfaces.
HP-UX IPFilter is not tested with any third party products.
122 Product Specifications