Here are the steps that you should use:
1) Install IPFilter. If you are on HP-UX
11.23 (or HP-UX 11i v2), then IPFilter must
already be installed on your system. If you
are on HP-UX 11.00 or 11.11, then pick up the
IPFilter bits for free from:
https://h20293.www2.hp.com/portal/swdepot/try.do?productNumber=B9901AA2) Create a file (edit if already present)
named /etc/opt/ipf/ipf.conf with the
following content:
# Start /etc/opt/ipf/ipf.conf
pass in log first quick proto tcp from any to any flags S keep state
pass out log first quick proto tcp from any to any flags S keep state
pass in log first quick proto udp from any to any keep state
pass out log first quick proto udp from any to any keep state
pass in from any to any
pass out from any to any
# ------- End -----
Load the above rules using following command:
# /sbin/ipf -f /etc/opt/ipf/ipf.conf
Now everytimes a TCP or UDP connection is
created, connection will be logged in
/var/adm/syslog/syslog.log file (grep for
logs by "ipmon" daemon).
Configuration for logging entire packet
content of all the in/out packets is a little
more complicated. If you really need to do
that, let me know and I can help you with
that.
- Biswajit
:-)
