HP-UX IPFilter Version 17 Administrator's Guide
The first option only applies to packets in a specific session. You can use the first option to
monitor traffic on your system. For best results, use the first option in conjunction with rules
that use pass and keep state.
Example:
pass in log first proto tcp from amy to any flags S keep state
9.3.1.3 body
You can use the body option with the log keyword to track parts of an IP packet in addition to
the packet header information. IPFilter logs the first 128 bytes of a packet if the body option is
specified. For example:
block in log body proto tcp from 192.168.1.1 to any flags S keep state
NOTE: Using the body option with the log keyword can make your log files very long. Limit
the use of the body option to necessary instances.
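The guidance above on the first and body options can be checked mechanically before a ruleset is loaded. The following Python audit is an added example, not part of the HP-UX guide: it flags log first on rules that are not pass with keep state, and any use of log body. The function names, finding codes, and the last two sample rules are constructed for illustration.

```python
# Added example (not from the HP-UX guide): flag `log first` / `log body`
# usage in IPFilter rules, following the guidance in this section.
LOG_OPTIONS = {"body", "first", "or-block"}  # options that may follow `log`

# Constructed sample ruleset; the first two rules are the guide's examples.
SAMPLE_RULES = """\
# constructed sample ipf.conf
pass in log first proto tcp from amy to any flags S keep state
block in log body proto tcp from 192.168.1.1 to any flags S keep state
pass in log first proto tcp from any to any port = 22
pass in proto udp from any to any port = 53 keep state
"""

def audit_rule(rule):
    """Return finding codes for one rule line (empty list if none)."""
    tokens = rule.split("#", 1)[0].split()  # drop trailing comment
    if "log" not in tokens:
        return []
    action = tokens[0]
    opts = set()
    # Collect the option keywords that directly follow `log`.
    for tok in tokens[tokens.index("log") + 1:]:
        if tok not in LOG_OPTIONS:
            break
        opts.add(tok)
    keeps_state = ("keep", "state") in zip(tokens, tokens[1:])
    findings = []
    # `first` is meant for session-tracking rules: pass ... keep state.
    if "first" in opts and not (action == "pass" and keeps_state):
        findings.append("first-without-pass-keep-state")
    # `body` logs the first 128 bytes of each matching packet.
    if "body" in opts:
        findings.append("body-logs-128-bytes")
    return findings

def audit_ruleset(text):
    """Return (line_number, rule, findings) for every flagged rule."""
    report = []
    for lineno, line in enumerate(text.splitlines(), start=1):
        findings = audit_rule(line)
        if findings:
            report.append((lineno, line.strip(), findings))
    return report

if __name__ == "__main__":
    for lineno, rule, findings in audit_ruleset(SAMPLE_RULES):
        print(f"line {lineno}: {', '.join(findings)}: {rule}")
```

Rules flagged for body are the ones to review against the NOTE above, since each match adds packet contents to the log.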
9.3 Logging IPFilter Packets 89