HP-UX IPFilter Version A.03.05.14 Administrator's Guide
HP-UX IPFilter and RPC
Configuration Files
Rules Files
This section gives details on the two rules files that contain the IPFilter
rules. The two rules files are:
• The IPFilter rules file specified by $IPF_CONF in
/etc/rc.config.d/ipfconf
• The IPFilter RPC rules file specified by $RPC_RULES_FILE in
/etc/rc.config.d/rpc_ipfconf
NOTE See the following section for a description of
/etc/rc.config.d/rpc_ipfconf. A sample file is also provided.
To incorporate the dynamic ports used by the NFS processes, the
administrator should decide the position in the ruleset at which the
RPC rules are inserted by setting RPC_RULE_POSITION to the desired
value. For example:
RPC_RULE_POSITION=5
The RPC rules will then be added from the 5th position onwards. If there
are 10 RPC rules, they will be inserted at positions 5 to 14. The position
must be chosen carefully. If there are only two rules present, then
RPC_RULE_POSITION must be 1, 2 or 3
[RPC_RULE_POSITION = <current # of rules>]. The original rules file
specified in /etc/rc.config.d/ipfconf, which contains the other rules,
is not modified.
By default, all RPC rules are configured as the first rules, that is,
RPC_RULE_POSITION=1. The RPC rules are well defined in terms of IP
addresses and ports and will have unique matches and, since they are
quick rules, they should be at the top.
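The positional insertion described above, as an added sketch in POSIX shell (not HP's startup script or any code from this guide). The function names, file names, sample rules and the choice to skip comment and blank lines when counting rules are assumptions made for illustration.

```shell
#!/bin/sh
# Added illustration: models where RPC rules land for a given RPC_RULE_POSITION.
# Assumption: blank lines and '#' comment lines are not counted as rules.

count_rules() {
    awk '/^[ \t]*#/ || /^[ \t]*$/ { next } { n++ } END { print n + 0 }' "$1"
}

# Print BASE with the RPC rules inserted at 1-based POSITION. BASE is only read.
merge_rpc_rules() {
    base=$1 rpc=$2 pos=$3
    case $pos in ''|*[!0-9]*) echo "position must be numeric" >&2; return 1;; esac
    total=$(count_rules "$base")
    if [ "$pos" -lt 1 ] || [ "$pos" -gt $((total + 1)) ]; then
        echo "RPC_RULE_POSITION=$pos outside 1..$((total + 1))" >&2
        return 1
    fi
    awk -v pos="$pos" -v rpc="$rpc" '
        function skip(s) { return s ~ /^[ \t]*#/ || s ~ /^[ \t]*$/ }
        function emit_rpc(   line) {
            while ((getline line < rpc) > 0)
                if (!skip(line)) print line
            close(rpc); emitted = 1
        }
        skip($0) { next }
        { if (++n == pos) emit_rpc(); print }   # RPC rules go in before rule number pos
        END { if (!emitted) emit_rpc() }        # pos == total + 1: append at the end
    ' "$base"
}

# Constructed sample files: two base rules and two RPC rules (not from the guide).
make_sample() {
    cat > "$1/ipf.conf" <<'EOF'
# constructed base ruleset
pass in quick on lan0 proto tcp from any to any port = 22 keep state
block in quick on lan0 all
EOF
    cat > "$1/rpc.rules" <<'EOF'
pass in quick proto udp from 192.0.2.10 to any port = 2049 keep state
pass in quick proto udp from 192.0.2.10 to any port = 4045 keep state
EOF
}

# Demo: with two base rules the valid positions are 1, 2 or 3.
tmp=$(mktemp -d) && make_sample "$tmp"
merge_rpc_rules "$tmp/ipf.conf" "$tmp/rpc.rules" "${RPC_RULE_POSITION:-1}"
rm -rf "$tmp"
```

With the constructed base ruleset, position 3 places the RPC rules after `block in quick on lan0 all`, so that earlier quick rule matches first and the RPC rules are never reached.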
RPC Rules Configuration File
This file specifies the details from which the IPFilter RPC rules are
generated. /etc/opt/ipf/rpc.ipf/rpc_ipfconf.sample is provided as
an example.