Use localhost filtering with IPFilter to provide both security
and convenience for your users.
Localhost filtering with IPFilter can be used effectively
in conjunction with other security products, such as external firewalls
and internal software products.
The following example is a ruleset configured to run on a
machine that also uses TCP Wrapper to protect its network services.
    pass in quick on lan0 all
    pass out quick on lan0 all
    block in log all
    block out all
    pass in quick proto tcp from any to any port = 113 flags S keep state
    pass in quick proto tcp from any to any port = 22 flags S keep state
    pass in quick proto tcp from any port = 20 to any port 39999 >< 45000 flags S keep state
    pass out quick proto icmp from any to any keep state
    pass out quick proto tcp/udp from any to any keep state keep frags
This IPFilter ruleset provides enhanced protection for the
system and services using TCP Wrapper. Any security holes left by
TCP Wrapper are plugged.
No negative impact results from running IPFilter all the time.
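The ruleset can be traced by hand: IPFilter applies the last matching rule, unless a matching rule carries quick, which ends evaluation at once. The following added example (not part of the original documentation) models that for the first packet of a connection. The second interface lan1, the sample packets and the pass-by-default fallback are assumptions, and keep state tracking is not modelled.

```python
import re

# The ruleset from this page, one rule per line.
RULES = """\
pass in quick on lan0 all
pass out quick on lan0 all
block in log all
block out all
pass in quick proto tcp from any to any port = 113 flags S keep state
pass in quick proto tcp from any to any port = 22 flags S keep state
pass in quick proto tcp from any port = 20 to any port 39999 >< 45000 flags S keep state
pass out quick proto icmp from any to any keep state
pass out quick proto tcp/udp from any to any keep state keep frags
""".splitlines()

def port_ok(spec, port):
    """spec: None (any port), '= N', or 'A >< B' (ipf's exclusive range)."""
    if spec is None:
        return True
    if "><" in spec:
        lo, hi = map(int, spec.split("><"))
        return lo < port < hi
    return port == int(spec.lstrip("= "))

def matches(rule, pkt):
    """True if the first packet of a connection matches the rule."""
    t = rule.split()
    kw = dict(zip(t, t[1:]))  # keyword -> the token that follows it
    src = re.search(r"from any(?: port (= \d+))? to", rule)
    dst = re.search(r"to any(?: port (= \d+|\d+ >< \d+))?", rule)
    return (t[1] == pkt["dir"]
            and kw.get("on") in (None, pkt["iface"])
            and (kw.get("proto") is None or pkt["proto"] in kw["proto"].split("/"))
            and (src is None or port_ok(src.group(1), pkt.get("sport", 0)))
            and (dst is None or port_ok(dst.group(1), pkt.get("dport", 0)))
            and kw.get("flags") in (None, pkt.get("flags")))

def decide(pkt, rules=RULES):
    verdict = "pass"  # assumption: packets that match no rule are passed
    for rule in rules:
        if matches(rule, pkt):
            verdict = rule.split()[0]  # last match wins ...
            if "quick" in rule.split():  # ... unless the rule is quick
                break
    return verdict

if __name__ == "__main__":  # constructed packets; lan1 is a hypothetical interface
    for port in (22, 23, 113):
        print(port, decide({"dir": "in", "iface": "lan1", "proto": "tcp", "dport": port, "flags": "S"}))
```

Every packet on lan0 matches one of the first two quick rules, so the block rules and the port-specific rules only take effect for traffic on other interfaces.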