Manualshelf

HP-UX IPFilter Version A.03.05.14 Administrator's Guide

ManualsBrandsHP ManualsSoftwareHP-UX IPFilter Software
61626364656667686970
Dynamic Connection Allocation
DCA Rule Conditions
Chapter 3 53
DCA Rule Conditions
DCA rules must conform to the following conditions:
The rule must be a quick rule.
The rule must be an in rule.
The rule can be used only with proto tcp.
•The log limit and log limit freq # rules can only be used with
the keep limit rule.
The source port must be a wildcard (*).
Port ranges are not allowed for source ports.
The connection limit specified in a keep limit rule must be a
non-zero, positive number. keep limit 0 rules are not allowed.
You cannot use the keep state keyword with the keep limit
keyword in the same rule.
•If keep limit is used, TCP state is kept on all connections that are
within the limit and are allowed through.