HP 1032 ClusterPack V2.4 Tutorial - Page 43

HP-UX IPFilter Validation

Get HP 1032 PDF manuals and user guides View all HP 1032 manuals
Add to My Manuals
Save this manual to your list of manuals

Page 43 highlights

HP-UX IPFilter Validation HP-UX IPFilter is installed with the default HP-UX 11i V2 TCOE bundle. To validate its installation, run the following command: % swverify B9901AA Automatic setup of HP-UX IPFilter rules ClusterPack V2.4 provides a utility called nat.server to automatically set up the NAT rules, based on the cluster configuration. This tool can be invoked as follows: % /opt/clusterpack/lbin/nat.server Manually setting up the HP-UX IPFilter and NAT rules Setup the HP-UX IPFilter filtering rules In this section, we will walk through the steps of setting up HP-UX IPFilter pass through all of the packet For more complicated filtering rules, please refer to the HP-UX IPFilter documentation. z Create a file with pass-through rules % cat /tmp/filter.rules pass in all pass out all EOF % cat /tmp/filter.rules pass in all pass out all To create more complicated rules, please refer to the HP-UX IPFilter documentation. http://docs.hp.com/hpux/internet/index.html#IPFilter/9000 z Enable filtering based on this rule set % ipf -f /tmp/filter.rules Note: If there is an existing rule set, a new rule set can be loaded using: % ipf -Fa -f /tmp/filter.rules z For more complicated manipulations of the rule sets, refer to the ipf(5) and ipf(8) man pages. % man 5 ipf

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
  • 91
  • 92
  • 93
  • 94
  • 95
  • 96
  • 97
  • 98
  • 99
  • 100
  • 101
  • 102
  • 103
  • 104
  • 105
  • 106
  • 107
  • 108
  • 109
  • 110
  • 111
  • 112
  • 113
  • 114
  • 115
  • 116
  • 117
  • 118
  • 119
  • 120
  • 121
  • 122
  • 123
  • 124
  • 125
  • 126
  • 127
  • 128
  • 129
  • 130
  • 131
  • 132
  • 133
  • 134
  • 135
  • 136
  • 137
  • 138
  • 139
  • 140
  • 141
  • 142
  • 143
  • 144
  • 145
  • 146
  • 147
  • 148
  • 149
  • 150
  • 151
  • 152
  • 153
  • 154
  • 155
  • 156
  • 157
  • 158
  • 159
  • 160
  • 161
  • 162
  • 163
  • 164
  • 165
  • 166
  • 167
  • 168
  • 169
  • 170
  • 171
  • 172
  • 173
HP-UX IPFilter Validation
HP-UX IPFilter is installed with the default HP-UX 11i V2 TCOE bundle. To validate its installation, run
the following command:
%
swverify B9901AA
Automatic setup of HP-UX IPFilter rules
ClusterPack V2.4 provides a utility called nat.server to automatically set up the NAT rules, based on the
cluster configuration. This tool can be invoked as follows:
%
/opt/clusterpack/lbin/nat.server
Manually setting up the HP-UX IPFilter and NAT rules
Setup the HP-UX IPFilter filtering rules
In this section, we will walk through the steps of setting up HP-UX IPFilter pass through all of the packet
For more complicated filtering rules, please refer to the HP-UX IPFilter documentation.
Create a file with pass-through rules
%
cat << EOF > /tmp/filter.rules
pass in all
pass out all
EOF
%
cat /tmp/filter.rules
pass in all
pass out all
To create more complicated rules, please refer to the HP-UX IPFilter documentation.
Enable filtering based on this rule set
%
ipf -f /tmp/filter.rules
Note:
If there is an existing rule set, a new rule set can be loaded using:
%
ipf -Fa -f /tmp/filter.rules
For more complicated manipulations of the rule sets, refer to the ipf(5) and ipf(8) man
pages.
%
man 5 ipf