HP-UX IPFilter Version 16 Administrator's Guide
Table of Contents
About This Document .....................................................................................................11
Intended Audience................................................................................................................................11
New and Changed Information in This Edition...................................................................................11
Typographic Conventions.....................................................................................................................11
Related Information..............................................................................................................................12
Publishing History................................................................................................................................12
HP Encourages Your Comments..........................................................................................................12
1 Overview.......................................................................................................................13
Benefits and Features............................................................................................................................13
Supported and Unsupported Features.................................................................................................14
2 Installing HP-UX IPFilter................................................................................................15
Overview of HP-UX IPFilter Installation..............................................................................................15
Installation and Configuration Checklist........................................................................................15
Step 1: Checking HP-UX IPFilter Installation Prerequisites.................................................................15
Step 2: Installing HP-UX IPFilter..........................................................................................................15
Step 3: Verifying the Installation...........................................................................................................17
Step 4: (Optional) Modifying Kernel Tunable Parameters...................................................................17
Removing HP-UX IPFilter....................................................................................................................17
3 Configuring and Loading IPv4 Filter Rules................................................................19
IPv4 Filter Rules Configuration File.....................................................................................................20
Format..............................................................................................................................................20
Rule Order and Processing..............................................................................................................20
Basic Rule Syntax: Specifying the Action, Direction, Protocol, IP Addresses, and Ports.....................21
pass and block: Specifying the Filter Action...................................................................................21
in and out: Specifying the Filter Direction......................................................................................21
proto: Specifying the Upper Layer Protocol....................................................................................21
from and to: Specifying IP Addresses and Subnets........................................................................21
Examples....................................................................................................................................22
all: Specifying All IP Addresses.................................................................................................22
Example.................................................................................................................................22
port: Specifying TCP and UDP Ports...............................................................................................22
Service Names............................................................................................................................23
Processing Options: Logging Packets, Optimizing Rule Processing, and Specifying Interfaces.........24
Option Order...................................................................................................................................24
log: Logging Packets........................................................................................................................24
quick: Optimizing IPFilter Rules Processing...................................................................................24
on: Filtering by Network Interfaces.................................................................................................25
Protocol Options: TCP Flags, IP Options and Fragments, ICMP Types and State Information..........26
Option Order...................................................................................................................................26
flags: Specifying TCP Header Flags................................................................................................26
with opt and ipopts: Specifying IP Options....................................................................................27
not opt: Specifying Options Not Set...........................................................................................27
ipopts: Specifying Any IP Options.............................................................................................27
with frag and with short: Selecting Fragmented IP Packets...........................................................28
with frag: Selecting IP Packet Fragments...................................................................................28
Table of Contents 3