Manualshelf

HP-UX IPFilter Version 17 Administrator's Guide

ManualsBrandsHP ManualsSoftwareHP-UX IPFilter Software
21222324252627282930
ResultAliasOperand
true if port is less than or equal to the specified valuele<=
true if port is greater than or equal to the specified valuege>=
3.2.5.1 Service Names
You can specify a service name defined in the /etc/services file instead of the port number
when specifying a single port (when using the = operand). For example, you can configure the
following rule:
block in proto tcp from any to any port = telnet
3.3 Rate-based Filtering
Packet flow is controlled by defining the rate in packets per second of matching packets passing
through a machine. This function is useful against a SYN/ACK flood type of attack.
For example, to allow 10 outbound packets per second from any source address to the destination
address 10.1.1.42:
pass out from any to 10.1.1.42/32 pps 10
NOTE: This is available only on HP-UX 11i v3.
30 Configuring and Loading IPv4 Filter Rules