HP-UX IPFilter Version 15.01 Administrator's Guide
In addition, you can use ipftest to test a set of filter rules without having to put them in
place. See the ipftest(1) manpage for more information on this tool.
• IPFilter rules changed after using Bastille/Install-Time-Security level.
If you configure an IPFilter ruleset-using Install-Time-Security level, or use HP-UX Bastille
interactively to reconfigure IPFilter rules, existing rules will be overwritten. This will change
IPFilter behavior.
To reinsert your rules into the Bastille-setup firewall rules, edit
/etc/opt/sec_mgmt/bastille/ipf.customrules, and run bastille -b -f
config file . Alternatively, to remove all of the security hardening performed by Bastille,
including the firewall configuration, run bastille -r. For more information, see the
Bastille documentation.
Troubleshooting Tips 87