HPE Community
Operating System - HP-UX
1752579 Members
3941 Online
108788 Solutions
New Discussion юеВ

Re: How disable ipfilter on hp-ux 11.31

 
SOLVED
Go to solution
seenivasan
Frequent Advisor

тАО02-23-2011 09:21 AM

тАО02-23-2011 09:21 AM

How disable ipfilter on hp-ux 11.31

#ipfilter -q
IPFilter Enabled and filtering

I disabled the firewall by running тАЬipfilter тАУdтАЭ, but I have no idea how to stop this from running again the next time the server is rebooted.

The man page doesnтАЩt give much detail on this firewall or how to configure it:

Regards,
Seenivasan
0 Kudos
Reply
6 REPLIES 6
Patrick Wallek
Honored Contributor

тАО02-23-2011 09:26 AM

тАО02-23-2011 09:26 AM

Solution

Re: How disable ipfilter on hp-ux 11.31

Check the /etc/rc.config.d directory for an 'ipfilter' file.

The contents of this file should control whether or not IPFilter is started when the system is booted.
Reply
Ismail Azad
Esteemed Contributor

тАО02-23-2011 09:38 AM

тАО02-23-2011 09:38 AM

Re: How disable ipfilter on hp-ux 11.31

Hi,

Adding to JRF, the exact file on HPUX 11.31 on any environment would be /etc/rc.config.d/ipfconf..... You will see one control variable called as IPF_START, setting it to 0 would mean disabling it. Most probably you will see 1 on that field from the output you have shown. The startup script looks like /sbin/init.d/ipfboot which would check the file /etc/rc.config.d/ipfconf at the time of boot which is what enables or disables your IP Filter service!.

Regards
Ismail Azad
Read, read and read... Then read again until you read "between the lines".....
Reply
Ismail Azad
Esteemed Contributor

тАО02-23-2011 09:49 AM

тАО02-23-2011 09:49 AM

Re: How disable ipfilter on hp-ux 11.31

Hi,

> sorry I meant adding to Patrick {not JRF}...

Just one general thing I'd like to add , don't mess with the startup script /sbin/init.d/ipfboot while trying to enable or "disable" a service, instead always change "contol variables" in the configuration file. Do not touch startup script for this purpose as HPUX boots with these startup scripts always "looking into" the configuration files.

Regards
Ismail Azad

Read, read and read... Then read again until you read "between the lines".....
Reply
seenivasan
Frequent Advisor

тАО02-23-2011 09:54 AM

тАО02-23-2011 09:54 AM

Re: How disable ipfilter on hp-ux 11.31

in ipfilter how to allow ports?
0 Kudos
Reply
nijokj
Trusted Contributor

тАО02-23-2011 10:53 AM

тАО02-23-2011 10:53 AM

Re: How disable ipfilter on hp-ux 11.31

kindly refer this url for detailed description.
http://www.netbsd.org/docs/network/nsps/config_ipf.html
Reply
Manix
Honored Contributor

тАО02-23-2011 10:57 AM

тАО02-23-2011 10:57 AM

Re: How disable ipfilter on hp-ux 11.31

port: Filtering on TCP and UDP Ports

In addition to filtering network traffic by protocol, you can use IPFilter to block traffic on specific ports used by a protocol. You can pass or block traffic on a specific port, such as a well-known port used by a service like
telnet or rlogin.
For example, you can block incoming telnet traffic with the following
rule:
block in log quick on lan0 proto tcp from any to 20.20.20.0/24
port = 23


http://docs.hp.com/en/B9901-90029/B9901-90029.pdf

Do read pg42 onwards for the more description.

Thanks
Manix
HP-UX been always lovable - Mani Kalra
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.