HP-UX IPFilter Version A.03.05.14 Administrator's Guide

Firewall Building Concepts
Blocking Services by Port Number
To create a ruleset that explicitly passes packets for a specific service or
services, but blocks all other traffic:
1. Configure the first rule to block all traffic.
2. Configure subsequent rules to pass packets to specific services by
port number.
For example, to create a firewall on a Web server that will accept
connections on TCP port 80 only, configure the following ruleset:
block in on lan0 all
pass in quick on lan0 proto tcp from any to 20.20.20.1/32 port = 80
This machine will pass in port 80 traffic for 20.20.20.1 and deny all other
traffic. This ruleset provides a basic firewall.
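
The evaluation order behind this ruleset, as an added example that is not part of the HP guide: a simplified Python model of IPFilter rule matching, in which the last matching rule decides unless a matching rule carries quick. The function names, the packet dictionaries and the pass verdict for packets that match no rule are assumptions of this model; it parses only the two rule shapes shown above.

```python
import ipaddress

# The ruleset from the page, one rule per line.
RULESET = """\
block in on lan0 all
pass in quick on lan0 proto tcp from any to 20.20.20.1/32 port = 80
"""

def parse_rule(line):
    """Parse only the two rule shapes used on this page (simplified model)."""
    t = line.split()
    rule = {"action": t[0], "quick": "quick" in t,
            "iface": t[t.index("on") + 1], "proto": None, "dst": None, "port": None}
    if "all" not in t:
        rule["proto"] = t[t.index("proto") + 1]
        rule["dst"] = ipaddress.ip_network(t[t.index("to") + 1])
        rule["port"] = int(t[t.index("=") + 1])
    return rule

def matches(rule, pkt):
    if rule["iface"] != pkt["iface"]:
        return False
    if rule["proto"] is None:  # "all" matches every inbound packet on the interface
        return True
    return (pkt["proto"] == rule["proto"]
            and ipaddress.ip_address(pkt["dst"]) in rule["dst"]
            and pkt["dport"] == rule["port"])

def decide(rules, pkt, default="pass"):
    """Last matching rule wins; a matching 'quick' rule ends evaluation at once."""
    verdict = default  # assumption: a packet that matches no rule is passed
    for rule in rules:
        if matches(rule, pkt):
            verdict = rule["action"]
            if rule["quick"]:
                break
    return verdict

RULES = [parse_rule(l) for l in RULESET.splitlines() if l.strip()]

# Constructed sample inbound packets, not captured traffic.
SAMPLES = [
    {"iface": "lan0", "proto": "tcp", "dst": "20.20.20.1", "dport": 80},
    {"iface": "lan0", "proto": "tcp", "dst": "20.20.20.1", "dport": 22},
    {"iface": "lan1", "proto": "tcp", "dst": "20.20.20.1", "dport": 22},
]
if __name__ == "__main__":
    for p in SAMPLES:
        print(decide(RULES, p), p)
```

The third sample is passed because both rules name lan0: in this model the ruleset filters nothing that arrives on another interface.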