Manualshelf

HP-UX IPFilter Version A.03.05.14 Administrator's Guide

ManualsBrandsHP ManualsSoftwareHP-UX IPFilter Software
161162163164165166167168169170
HP-UX IPFilter Configuration Examples
BASIC_1.FW
Appendix A 151
pass in quick proto tcp from any to any port = www keep state
group 201
#
#-------------------------------------------------------
block in log proto tcp from any to a.b.c.d/32 flags S/SA head
110 group 100
#
# Allow the following incoming packets types to the external
# firewall interface: mail, WWW, DNS
pass in log quick proto tcp from any to any port = smtp keep
state group 110
pass in log quick proto tcp from any to any port = www keep
state group 110
pass in log quick proto tcp from any to any port = 53 keep
state group 110
pass in log quick proto udp from any to any port = 53 keep
state group 100
#-------------------------------------------------------
# Log these:
# ==========
# * Return RST packets for invalid SYN packets to help the
#other end close
block return-rst in log proto tcp from any to any flags S/SA
group 100
# * Return ICMP error packets for invalid UDP packets
block return-icmp(net-unr) in proto udp all group 100