IP Filter on HP-UX 11.00: anyone using this?

I am interested in restricting network connections to a server based on source IP and dest port. (not simply the inetd ones)

Is anyone using the version from:
http://coombs.anu.edu.au/ipfilter/ipf-mentat.html

successes or horror stories are encouraged :-)

Thanks,

Jim

12 REPLIES 12

I am using it for testing. As long as you have the correct patches applied it works the way it is supposed. We have had it running a "D" Class machine under load for over thirty days and are close to going live with it.

You have installed PHNE_23456 ?

This software is widely deployed and respected. A version of it is also available pre-compiled, supported, and free of charge from HP called IPFilter/9000.

Brainbench MVP for Unix Administration and Internet Security, SANS Review Editor, and Center for Internet Security HP-UX Benchmark project leader

I have searched on HP's sites and have been unable to locate the version they offer. Can someone steer me in the right direction?

Thanks,
Jeff Vickery
jvickery@jjc.cc.il.us

Search for ipfilter on www.software.hp.com. At least next time it's on the air.

Brainbench MVP for Unix Administration and Internet Security, SANS Review Editor, and Center for Internet Security HP-UX Benchmark project leader

Hi there, I searched for ipfilter in www.software.hp.com and nothing was found. Instead, I found IDS/9000. These really don't seem the be the same product. Any other hint on where the HP supported version of ipfilter can be found?

Well, I managed to find documentation at http://docs.hp.com/hpux/internet/#IPFilter/9000
and references at http://www.hp.com/products1/unix/operating/, but nothing about how to find the packages. Maybe they're on the application CD or something...

Brainbench MVP for Unix Administration and Internet Security, SANS Review Editor, and Center for Internet Security HP-UX Benchmark project leader

According to my contacts at HP, it's on the latest Applications CD and is not codeword protected. Don't know why it's not on the web site.

Brainbench MVP for Unix Administration and Internet Security, SANS Review Editor, and Center for Internet Security HP-UX Benchmark project leader

I'm also looking for the HP versions, and have so far been unable to locate them. I've looked through (my latest) copies of the applications cd's of december 2000 and the software.hp.com website, but can't find anything but the documentation.

When does the hurting stop...

Well, if all else fails, you can pick up the HP-UX binaries from www.ipfilter.org (which actually redirects you to http://coombs.anu.edu.au/~avalon/ip-filter.html).

Brainbench MVP for Unix Administration and Internet Security, SANS Review Editor, and Center for Internet Security HP-UX Benchmark project leader

Wow, It looks like there are a lot of people also interested in making this work.

I have not posted replys, but I am reading all of your messages, and am going to try this (we are doing work for a rather conservative client, so running non-standard code is a sensitive issue).

I will pull the latest (including referenced patches) down from the porting/archive center and give it a try on a development box.

Thanks again

Jim H.

HP has provided IPFilter/9000 with HP-UX 11.0 and 11i quarterly application releases on the application CD since March 2001.

It will be available for download in December from software depot, and continue to be in the application CD.