HP-UX IPFilter Version 17 Administrator's Guide

ManualsBrandsHP ManualsSoftwareHP-UX IPFilter Software

monitoring IPFilter, 90

multi-level grouping, 40

N

NAT

file configuration, 63

viewing and loading rules, 98

NAT keywords

bimap, 71

map, 66

map-block, 67

portmap, 66

rdr, 68

nat tags, 43

netstat, 94

nslookup, 37

O

on keyword, 32

opt keyword, 34

out keyword, 28

P

package IP address, 122

pass keyword, 28

patch dependencies, 21

performance guidelines, 151

performance monitoring, 154

rule configuration, 152

rule loading, 152

system configuration, 151

traffic, 153

performance improvement, 40

performance information, 80

performance monitoring guidelines, 154

pfil module, 149

ping, 37

port keyword, 29

port number filtering, 29

portmap keyword, 66

prerequisites

installation, 21

patch dependencies, 21

proto keyword, 28

protocol 50 and 51 traffic, 119

protocol-based filtering

IPv6, 46

Q

quick keyword, 31

R

rdr keyword, 68

reloading IPFilter, 92

removing, 23

removing IPFilter software

static linking, 149, 150

reporting problems, 37, 94

return-icmp-as-dest keyword, 39

return-rst keyword, 39

rule configuration guidelines, 152

rule groups, 40

rule loading guidelines, 152

rule tags, 43

rules

active list, 42

adding rules to a rules file, 42, 49

bimap keyword, 71

block keyword, 28

errors occur when loading, 93

file configuration, 27

flags keyword, 33

flushing, 42

from keyword, 28

grouping, 40

icmp-type keyword, 35, 101

in keyword, 28

inactive list, 42

interface-specific, 32

IP address-specific, 28

ipopts keyword, 34

IPv6, 45

keep frags keyword, 38

keep limit keyword, 53

keep state keyword, 35, 36

log keyword, 31, 88

log limit freq keyword, 55

log limit keyword, 54

map keyword, 66

map-block keyword, 67

on keyword, 32

opt keyword, 34

out keyword, 28

outbound traffic, 28

pass keyword, 28

performance improvement with, 40

port keyword, 29

portmap keyword, 66

processing order, 27, 63

proto icmp keep state, 37

proto keyword, 28

quick keyword, 31

rdr keyword, 68

removing, 43

return-icmp-as-dest keyword, 39

return-rst keyword, 39

Serviceguard, 122

swapping active and inactive rules lists, 42

taking effect, 42, 49, 57

to keyword, 28

with frags keyword, 35

with short keyword, 35

S

Serviceguard, 121

Cluster Object Manager, 125

filtering on a package IP address, 122

intra-cluster communication, 123

158 Index