Manualshelf

HP-UX IPFilter Version 15.01 Administrator's Guide

ManualsBrandsHP ManualsSoftwareHP-UX IPFilter Software
71727374757677787980
The ipftestutility supports additional options to specify the input format and to control packet
testing. For a complete list of options and their functions, see the ipftest manpage.
Example
The following ruleset is used for this example:
block in all
pass in from 10.1.84.195 to any
The input file contains the following packet descriptors:
in on lan0 udp 10.1.84.195,16000 10.1.84.196,16000
in on lan1 udp 10.1.84.195,16000 10.1.85.196,16000
in on lan0 udp 10.1.84.195,16000 10.1.80.196,16000
in on lan0 udp 10.1.85.195,16000 10.1.84.196,16000
in on lan1 udp 10.1.85.195,16000 10.1.85.196,16000
in on lan0 udp 10.1.85.195,16000 10.1.80.196,16000
out on lan0 udp 10.1.84.196,16000 10.1.84.195,16000
out on lan1 udp 10.1.85.196,16000 10.1.84.195,16000
out on lan0 udp 10.1.80.196,16000 10.1.84.195,16000
out on lan0 udp 10.1.84.196,16000 10.1.85.195,16000
out on lan1 udp 10.1.85.196,16000 10.1.85.195,16000
out on lan0 udp 10.1.80.196,16000 10.1.85.195,16000
in on lan0 udp 10.1.81.195,16000 10.1.84.196,16000
in on lan1 udp 10.1.81.195,16000 10.1.85.196,16000
out on lan0 udp 10.1.84.196,16000 10.1.81.195,16000
out on lan1 udp 10.1.85.196,16000 10.1.81.195,16000
out on lan0 icmp 10.1.84.196 10.1.84.195
in on lan0 icmp 10.1.84.195 10.1.84.196
out on lan0 udp 10.1.80.196,16001 10.1.84.195,16000
out on lan0 udp 10.1.80.196,16001 10.1.85.195,16000
in on lan0 udp 10.1.84.195,16000 10.1.80.196,16001
in on lan0 udp 10.1.85.195,16000 10.1.80.196,16001
These packets are similar to a test system setup that is used in the actual testing of IPFilter. The
name of the rules file is test01 and the name of the packet file is packets01. The packets are
processed with ipftest using the following command:
ipftest -r test01 -i packets01
The following is the output of ipftest:
opening rule file "test01"
input: in on lan0 udp 10.1.84.195,16000 10.1.84.196,16000
pass ip 28(20) 17 10.1.84.195,16000 > 10.1.84.196,16000
--------------
input: in on lan1 udp 10.1.84.195,16000 10.1.85.196,16000
pass ip 28(20) 17 10.1.84.195,16000 > 10.1.85.196,16000
--------------
input: in on lan0 udp 10.1.84.195,16000 10.1.80.196,16000
pass ip 28(20) 17 10.1.84.195,16000 > 10.1.80.196,16000
--------------
input: in on lan0 udp 10.1.85.195,16000 10.1.84.196,16000
block ip 28(20) 17 10.1.85.195,16000 > 10.1.84.196,16000
--------------
input: in on lan1 udp 10.1.85.195,16000 10.1.85.196,16000
block ip 28(20) 17 10.1.85.195,16000 > 10.1.85.196,16000
--------------
input: in on lan0 udp 10.1.85.195,16000 10.1.80.196,16000
80 Troubleshooting HP-UX IPFilter