HP-UX IPFilter Version A.03.05.14 Administrator's Guide
Rules and Keywords
IPFilter Configuration Files
Chapter 224
IPFilter Configuration Files
HP-UX IPFilter has two files it uses for configuration.
IPFilter Rules
The HP-UX IPFilter rules file is named /etc/opt/ipf/ipf.conf.
The UNIX configuration file conventions allow one rule per line. The
number symbol (#) denotes a comment at the beginning of a line as well
as a rule and a comment on the same line. Extra white space is allowed
and encouraged to keep the rules readable.
By default, HP-UX IPFilter starts on bootup and the rules from the
/etc/opt/ipf/ipf.conf file are processed.
When HP-UX IPFilter is first installed, the rules file is empty. You must
put rules into this file or change the configuration to read another file
that holds IPFilter rules. You can change the file information by editing
the rules file using vi or another text editor.
IPFilter Configuration File
When HP-UX IPFilter is installed, the ipfconf file is put in the
/etc/rc.config.d directory. The information in this file determines
how HP-UX IPFilter starts when the system is booted and also gives the
location of the rules file.
See Appendix A, “HP-UX IPFilter Configuration Examples,” on page 147
for example rules files to help you create your ruleset.