HPE Community
Operating System - HP-UX
1848733 Members
2210 Online
104036 Solutions
New Discussion

Packetfilter on HP-UX 11.00

 
SOLVED
Go to solution
CPHVF-U Guard
Advisor

‎09-17-2001 03:22 AM

‎09-17-2001 03:22 AM

Packetfilter on HP-UX 11.00

Hi.

I would like to allow telnet[1] through our firewall to a single host, from that host it must not be possible to telnet/ftp/r* to other hosts (same network).

I guess I need some packet-filtering here...

In linux I would do something like:
iptables -A OUTPUT --d-port 23 -j DENY

How do I do that in HP-UX?

[1] I know about ssh, but it don't change the question.
0 Kudos
Reply
4 REPLIES 4
Santosh Nair_1
Honored Contributor

‎09-17-2001 03:56 AM

‎09-17-2001 03:56 AM

Solution

Re: Packetfilter on HP-UX 11.00

Not sure if you looked at inetd.sec to see if that fits your needs.

If not, IPFiltering is "available" for HP-UX, but right now its in alpha. I believe HP is even shipping the alpha code on the latest application CD. Otherwise, you can download the code from (although this may not be an option for you) :

http://coombs.anu.edu.au/~avalon/

-Santosh
Life is what's happening while you're busy making other plans
Reply
CPHVF-U Guard
Advisor

‎09-17-2001 04:34 AM

‎09-17-2001 04:34 AM

Re: Packetfilter on HP-UX 11.00

Thanks,

We have ~100 HP-UX servers.
I would prefer a packet-filter, compared to inetd.sec.

I will have a look on the latest CD.

0 Kudos
Reply
CPHVF-U Guard
Advisor

‎09-17-2001 04:55 AM

‎09-17-2001 04:55 AM

Re: Packetfilter on HP-UX 11.00

Uuups,

Do you know the name of the product to install?

0 Kudos
Reply
Santosh Nair_1
Honored Contributor

‎09-17-2001 05:10 AM

‎09-17-2001 05:10 AM

Re: Packetfilter on HP-UX 11.00

From the June 2001 HP 11.0 applications CD (disk 1):

B9901AA A.03.05.01 HP IPFilter 3.5alpha5

I'm not sure how stable it is though and I've never had the chance to actually use it, so I'm not sure I'd really recommend using it.

-Santosh
Life is what's happening while you're busy making other plans
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.