HP-UX IPFilter Version A.03.05.14 Administrator's Guide

HP-UX IPFilter Configuration Examples
BASIC_2.FW
Appendix A
# SAMPLE: PERMISSIVE FILTER RULES
#
# ppp0 - (external) PPP connection to ISP, address a.b.c.d/32
#
# lan0 - (internal) network interface, address w.x.y.z/32
#
# This file contains the basic rules needed to construct a
# firewall for the above situation.
#
#-------------------------------------------------------
# Block short packets, i.e. packets fragmented too short to be
# real packets.
block in log quick all with short
#-------------------------------------------------------
# Group setup.
# ============
# By default, block and log all packets. This may result in
# too much information being logged (especially for lan0) and
# the rules need to be further refined.
#
block in log on ppp0 all head 100
block out log on ppp0 all head 150
block in log on lan0 from w.x.y.z/24 to any head 200
block out log on lan0 all head 250
#-------------------------------------------------------
# Invalid Internet packets.
# =========================
#
# Deny reserved addresses.
#
block in log quick from 10.0.0.0/8 to any group 100
block in log quick from 192.168.0.0/16 to any group 100
block in log quick from 172.16.0.0/12 to any group 100
#
# Prevent IP spoofing.
#
block in log quick from a.b.c.d/24 to any group 100
#
#-------------------------------------------------------
# Localhost packets.
# ==================
# packets going in/out of network interfaces that aren’t on the