Installing and Administering PPP

Chapter 5
Security Techniques
Building a Stanza - Specifics
IP Addresses
An IP address may be written in hexadecimal (for example, 0xc0000201) or
dotted quad (for example, 192.0.2.1) notation; the two examples denote the
same address. It may denote either a host address or a network address.
Network addresses are simply a way of naming contiguous ranges of hosts and
therefore do not necessarily correspond to actual networks. A network
address has all zeros in the host portion of the address.
Example:
!192.168.199.1 # block packets to/from host 192.168.199.1
Netmasks
You must specify a netmask whenever the range you mean is not the "natural"
(classful) network implied by the address's first octet, that is, whenever
the address has non-zero bits in the host portion under the natural mask.
A netmask may be written in either hexadecimal or dotted quad notation. A
netmask only has meaning after a network address; a value written on its
own is taken to be an IP address, not a netmask.
Example:
10.7.123.0/255.255.255.0 # permit 10.7.123.0-10.7.123.255
Alternatively, you may specify the netmask after the address using a
semicolon followed by the number of one bits in the network mask.
Example:
10.7.123.0;24 # permit 10.7.123.0-10.7.123.255
Keywords with Numbers
A number of keywords can describe features of the packets, including
data within the packet header and the direction of travel.
IP Protocol Keywords
Keywords exist for the most commonly used IP protocols: ‘tcp’, ‘udp’, and
‘icmp’. Use only one protocol keyword per stanza. These keywords also
remove ambiguity when you specify port numbers or ICMP types. Because 6 and
17 are the IP protocol numbers of TCP and UDP, a bare 17 or 6 could be read
as a protocol rather than a port, so you must write ‘17/tcp’ or ‘6/udp’
when you mean the port.
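To make the address, netmask and protocol/port notation above concrete, here is a small parser and matcher for stanza keywords. It is an added example written for this page, not code from HP-UX PPP or its filter implementation. The helper names (parse_address_token, parse_packet_token, parse_stanza, make_packet), the reading of a bare number as an IP protocol number, and the rule that every keyword in a stanza must hold (with a leading ‘!’ inverting that keyword) are assumptions of the example; the packets it is run against are constructed.

```python
import ipaddress
import re

# IANA protocol numbers behind the three keywords the filter language knows.
PROTO_NUMBERS = {"icmp": 1, "tcp": 6, "udp": 17}
PORT_RE = re.compile(r"^(\d+)/(tcp|udp)$")  # port written as N/tcp or N/udp


def parse_ipv4(text):
    """Accept dotted-quad (192.0.2.1) or hexadecimal (0xc0000201) notation."""
    if text.lower().startswith("0x"):
        value = int(text, 16)
        if not 0 <= value <= 0xFFFFFFFF:
            raise ValueError(f"hexadecimal address out of range: {text}")
        return ipaddress.IPv4Address(value)
    return ipaddress.IPv4Address(text)


def natural_prefix(addr):
    """Classful ("natural") prefix length: class A /8, B /16, C /24, else a host."""
    first = int(addr) >> 24
    if first < 128:
        return 8
    if first < 192:
        return 16
    if first < 224:
        return 24
    return 32


def parse_address_token(token):
    """Parse [!]addr, [!]addr/mask or [!]addr;bits into (negated, IPv4Network).

    Masks use the same notation as addresses (dotted quad or hexadecimal).
    A bare address whose host portion is all zeros under its natural mask is
    a network; any other bare address is a single host (/32).  An explicit
    mask with host bits set raises ValueError (strict=True).
    """
    negated = token.startswith("!")
    body = token[1:] if negated else token
    if "/" in body:
        addr_text, mask_text = body.split("/", 1)
        addr, mask = parse_ipv4(addr_text), parse_ipv4(mask_text)
        return negated, ipaddress.IPv4Network(f"{addr}/{mask}", strict=True)
    if ";" in body:
        addr_text, bits = body.split(";", 1)
        addr = parse_ipv4(addr_text)
        return negated, ipaddress.IPv4Network(f"{addr}/{int(bits)}", strict=True)
    addr = parse_ipv4(body)
    natural = ipaddress.IPv4Network(f"{addr}/{natural_prefix(addr)}", strict=False)
    if natural.network_address == addr:
        return negated, natural
    return negated, ipaddress.IPv4Network(f"{addr}/32")


def parse_packet_token(token):
    """Parse tcp | udp | icmp | N/tcp | N/udp | N into (negated, descriptor).

    Assumption of this example: a bare number is an IP protocol number, so a
    bare 6 is TCP and a bare 17 is UDP; port 17 on TCP and port 6 on UDP must
    therefore be spelled 17/tcp and 6/udp.
    """
    negated = token.startswith("!")
    body = token[1:] if negated else token
    m = PORT_RE.match(body)
    if m:
        return negated, ("port", m.group(2), int(m.group(1)))
    if body in PROTO_NUMBERS:
        return negated, ("proto", PROTO_NUMBERS[body])
    if body.isdigit():
        return negated, ("proto", int(body))
    raise ValueError(f"unrecognised keyword: {token}")


def parse_stanza(text):
    """Split one stanza into (negated, descriptor) pairs; '#' starts a comment."""
    parsed = []
    for word in text.split("#", 1)[0].split():
        body = word.lstrip("!")
        if "." in body or body.lower().startswith("0x"):  # looks like an address
            negated, net = parse_address_token(word)
            parsed.append((negated, ("net", net)))
        else:
            parsed.append(parse_packet_token(word))
    return parsed


def make_packet(src, dst, proto, sport=0, dport=0):
    """Constructed packet summary for matching; addresses in either notation."""
    return {"src": parse_ipv4(src), "dst": parse_ipv4(dst), "proto": proto,
            "sport": sport, "dport": dport}


def token_matches(desc, pkt):
    """Does one keyword hold for a packet?  Address keywords match to/from."""
    if desc[0] == "net":
        return pkt["src"] in desc[1] or pkt["dst"] in desc[1]
    if desc[0] == "proto":
        return pkt["proto"] == desc[1]
    _, name, port = desc
    return pkt["proto"] == PROTO_NUMBERS[name] and port in (pkt["sport"], pkt["dport"])


def stanza_matches(stanza, pkt):
    """Assumption of this example: every keyword must hold, '!' inverts one."""
    return all(token_matches(desc, pkt) != negated for negated, desc in stanza)
```

Running parse_stanza over the two examples in the text shows the two netmask spellings collapse to the same range, a bare 10.7.123.0 is treated as a host because its host bits under the natural /8 are not zero, and the ‘!’ stanza rejects traffic to or from 192.168.199.1 in either direction.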
Port Numbers
‘udp’ or ‘tcp’ combined with a number represents a port number.
Example: