Security
cancel
Showing results for 
Search instead for 
Did you mean: 

IPFilter error when using ippool + port

 
Occasional Visitor

IPFilter error when using ippool + port

Hi, 

I'm trying to configure rules in ipfilter using ip pools but it fails if I add ports:

IP pool:

table role = ipf type = tree number = 1
{ 1.1.1.1/32; 2.2.0.0/16; };

 

@7 pass out log first quick proto udp from any to pool/1 port = 53 keep state head 0 group 0 set-tag(log=rule12)
15: unknown words at end: [port = 53 keep state head 0 group 0 set-tag(log=rule12) ]



If I remove the port - the rule is applied without errors:

@7 pass out log first quick proto udp from any to pool/1 keep state head 0 group 0 set-tag(log=rule12)

 

bash-4.4# uname -a
HP-UX hpux-05 B.11.31 ....

bash-4.4# ipf -V
ipf: HP IP Filter: v3.5alpha5 (A.11.31.17) (488)
Kernel: HP IP Filter: v3.5alpha5 (A.11.31.17)
Enabled: yes
Filtering: yes
Log Flags: 0 = none set
Default: pass all, Logging: available
Active list: 0



Is this some kind of limitation of the IPF version?
It works as expected on Solaris and AIX...


Thanks in advance.

1 REPLY 1
Highlighted
HPE Pro

Re: IPFilter error when using ippool + port

Is this some kind of limitation of the IPF version?
Answer :- Yes there are Limitations. Adding port is not supported currently with IPFilter Product. Incase of development and enhancement please raise a Enhancement Request/Business Justification with a ESR/DR and then we will have to have enhancement for the product to support the port Filtering. 

Currently it is not supported.

I am a HPE Employee

 

 

 


I am a HPE Employee

Accept or Kudo