HP-UX IPFilter Version 16 Administrator's Guide
In addition, you can use ipftest to test a set of filter rules without having to put them in
place. See the ipftest(1) manpage for more information on this tool.
• IPFilter rules changed after using Bastille/Install-Time-Security level.
If you configure an IPFilter ruleset-using Install-Time-Security level, or use HP-UX Bastille
interactively to reconfigure IPFilter rules, existing rules will be overwritten. This will change
IPFilter behavior.
To reinsert your rules into the Bastille-setup firewall rules, edit /etc/opt/sec_mgmt/
bastille/ipf.customrules, and run bastille -b -f config file . Alternatively,
to remove all of the security hardening performed by Bastille, including the firewall
configuration, run bastille -r. For more information, see the Bastille documentation.
Troubleshooting Tips 83