IPFilter and ifconfig

 
Robert Fritz
Regular Advisor

Question to you all. I was talking with some folks on the IPFilter team, and there is a question about how people tend to use it, specifically with ifconfig.

The current way that an IPFilter module is plumbed into an interface is automatic... which always exacts a <2% performance hit, but also protects the interface (if there are associated IPFilter rules).

Is it common within your experience to use IPFilter, but not on every interface?

Should the default be to plumb/install it on every interface and take the performance hit if IPFilter is installed?

How often do you use ifconfig to bring up an interface (vs. net stop/start) vs. editing /etc/rc.config.d/netconf and rebooting?

Would you expect ifconfig to load IPFilter and protect the interface by default, or use a "-m " switch to load the interface explicitly? What would you prefer?
"Those Who Would Sacrifice Liberty for Security Deserve Neither." - Benjamin Franklin