HP-UX IPFilter Version A.03.05.14 Administrator's Guide
Rules and Keywords
IPFilter Keywords
Chapter 2 33
(icmp-type table, continued)

TYPE  CODE  icmp-type  icmp-code  MEANING
14    0     timestrep             TIMESTAMP REPLY
15    0     inforeq               INFO REQUEST (obsolete)
16    0     inforep               INFO REPLY (obsolete)
17    0     maskreq               ADDRESS MASK REQUEST
18    0     maskrep               ADDRESS MASK REPLY

Rule order is important if you are using the icmp-type keyword with the quick keyword. Place pass rules before block rules in the ruleset to be sure the correct packets are passed.

port: Filtering on TCP and UDP Ports

In addition to filtering network traffic by protocol, you can use IPFilter to block traffic on specific ports used by a protocol. You can pass or block traffic on a specific port, such as a well-known port used by a service like telnet or rlogin.

For example, you can block incoming telnet traffic with the following rule:

    block in log quick on lan0 proto tcp from any to 20.20.20.0/24 port = 23

You can also pass or block traffic on a range of ports, such as the high port numbers used for client telnet connections. The following is a list of operands you can use with port numbers:

Operand  Alias  Result
<        lt     true if port is less than configured value
>        gt     true if port is greater than configured value
=        eq     true if port is equal to configured value
!=       ne     true if port is not equal to configured value
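The following is an added example, not part of the HP-UX IPFilter guide and not HP's code: a small Python simulator that parses rules written in the syntax shown above (the four port operands and their aliases, an optional proto, interface, and quick) and evaluates sample packets against them. It applies IPFilter's ordering semantics, in which the last matching rule decides unless a matching rule carries quick, which ends evaluation immediately; this is what makes the "pass rules before block rules" advice for quick rules matter. The rulesets, packets, interface name lan0, and the default-pass policy used when no rule matches are constructed assumptions for the demonstration, and the rule grammar covered is a deliberately small subset of what ipf accepts.

```python
"""Added example (not from the HP-UX IPFilter guide): simulate how IPFilter
matches pass/block rules that filter on TCP and UDP ports."""
import ipaddress
import re
from dataclasses import dataclass
from typing import Callable, List, Optional, Tuple

# Port operands from the guide's table; each symbol and its alias share one test.
OPERANDS = {
    "<": lambda port, val: port < val,  "lt": lambda port, val: port < val,
    ">": lambda port, val: port > val,  "gt": lambda port, val: port > val,
    "=": lambda port, val: port == val, "eq": lambda port, val: port == val,
    "!=": lambda port, val: port != val, "ne": lambda port, val: port != val,
}

# Small subset of the ipf rule grammar: action, direction, [log], [quick],
# [on iface], [proto tcp|udp], from <net|any> to <net|any>, [port <op> <n>].
RULE_RE = re.compile(
    r"^(?P<action>pass|block)\s+(?P<dir>in|out)"
    r"(?P<log>\s+log)?(?P<quick>\s+quick)?"
    r"(?:\s+on\s+(?P<iface>\S+))?"
    r"(?:\s+proto\s+(?P<proto>tcp|udp))?"
    r"\s+from\s+(?P<src>\S+)\s+to\s+(?P<dst>\S+)"
    r"(?:\s+port\s+(?P<op>\S+)\s+(?P<value>\d+))?\s*$"
)


@dataclass
class Rule:
    action: str
    direction: str
    quick: bool
    iface: Optional[str]
    proto: Optional[str]
    src: Optional[ipaddress.IPv4Network]  # None means "any"
    dst: Optional[ipaddress.IPv4Network]  # None means "any"
    port_test: Optional[Callable[[int, int], bool]]
    port_value: Optional[int]
    text: str


@dataclass
class Packet:
    direction: str
    iface: str
    proto: str
    src: str
    dst: str
    dport: int


def _net(token: str) -> Optional[ipaddress.IPv4Network]:
    return None if token == "any" else ipaddress.ip_network(token, strict=False)


def parse_rule(line: str) -> Rule:
    """Parse one rule line; rejects syntax outside the supported subset."""
    m = RULE_RE.match(line.strip())
    if not m:
        raise ValueError(f"unsupported rule syntax: {line!r}")
    op = m.group("op")
    if op is not None and op not in OPERANDS:
        raise ValueError(f"unknown port operand {op!r} in {line!r}")
    if op is not None and m.group("proto") is None:
        raise ValueError(f"port comparisons need proto tcp or udp: {line!r}")
    return Rule(
        action=m.group("action"), direction=m.group("dir"),
        quick=m.group("quick") is not None, iface=m.group("iface"),
        proto=m.group("proto"), src=_net(m.group("src")), dst=_net(m.group("dst")),
        port_test=OPERANDS[op] if op else None,
        port_value=int(m.group("value")) if op else None, text=line.strip(),
    )


def matches(rule: Rule, pkt: Packet) -> bool:
    """True when every qualifier present in the rule matches the packet."""
    if rule.direction != pkt.direction:
        return False
    if rule.iface is not None and rule.iface != pkt.iface:
        return False
    if rule.proto is not None and rule.proto != pkt.proto:
        return False
    if rule.src is not None and ipaddress.ip_address(pkt.src) not in rule.src:
        return False
    if rule.dst is not None and ipaddress.ip_address(pkt.dst) not in rule.dst:
        return False
    if rule.port_test is not None and not rule.port_test(pkt.dport, rule.port_value):
        return False
    return True


def evaluate(rules: List[Rule], pkt: Packet, default: str = "pass") -> Tuple[str, Optional[Rule]]:
    """IPFilter semantics: the last matching rule decides, unless a matching
    rule is marked quick, which stops evaluation right away. The default
    verdict for a packet that matches nothing is an assumption of this example."""
    verdict, decided_by = default, None
    for rule in rules:
        if matches(rule, pkt):
            verdict, decided_by = rule.action, rule
            if rule.quick:
                break
    return verdict, decided_by


# Constructed ruleset 1: every rule is quick, so the first match wins and the
# pass rule for high ports must sit before the catch-all block.
QUICK_RULES = [parse_rule(r) for r in [
    "block in log quick on lan0 proto tcp from any to 20.20.20.0/24 port = 23",
    "pass in quick on lan0 proto tcp from any to 20.20.20.0/24 port gt 1023",
    "block in quick on lan0 proto tcp from any to 20.20.20.0/24",
]]

# Constructed ruleset 2: no quick, so the LAST matching rule decides.
LAST_MATCH_RULES = [parse_rule(r) for r in [
    "block in on lan0 proto tcp from any to any port = 23",
    "pass in on lan0 proto tcp from any to 20.20.20.0/24 port = 23",
]]


def verdict(rules: List[Rule], proto: str, dst: str, dport: int,
            iface: str = "lan0", src: str = "10.1.1.1") -> str:
    """Convenience wrapper: verdict for an inbound packet with the given fields."""
    return evaluate(rules, Packet("in", iface, proto, src, dst, dport))[0]


if __name__ == "__main__":
    for proto, dst, port in [("tcp", "20.20.20.5", 23), ("tcp", "20.20.20.5", 2000),
                             ("tcp", "20.20.20.5", 80), ("udp", "20.20.20.5", 53)]:
        v, rule = evaluate(QUICK_RULES, Packet("in", "lan0", proto, "10.1.1.1", dst, port))
        print(f"{proto} -> {dst}:{port}: {v} ({rule.text if rule else 'no rule matched'})")
```

Swapping the last two rules of QUICK_RULES shows the ordering problem the guide warns about: the catch-all block would then match high-port traffic first, and the quick keyword would stop evaluation before the pass rule is ever consulted. The second ruleset shows the opposite behaviour without quick, where a later pass rule overrides an earlier block for the same port.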