HP-UX IPFilter Version 16 Administrator's Guide
Integrating keep limit Rules
The following procedure describes how to add a specific subnet or IP address range rule before
an existing general subnet or IP address range rule.
1. Add the new subnet or IP address range rule. Be sure to re-enter the old subnet or IP address
range rule exactly as it was entered before.
When a new connection matches an existing limit entry, the new connection will be processed
by the new subnet or IP address range rule. The subnet or IP address range can be cumulative
or noncumulative.
Extracting an Individual Rule from a Subnet Rule
To extract an individual rule from a subnet rule:
1. Add the new rule on the line before the subnet rule. Be sure the subnet or IP address range
rule is identical to the old rule.
When a new connection matches an existing limit entry, the new connection will be processed
by the new individual rule. The subnet or IP address range can be cumulative or
noncumulative.
Loading and Modifying DCA Rules 51