If this is what you are using, it seems they define the rules in terms of
where eq seems to be "equal", gt "greater than", lt "less than" etc.
Check out the following link for examples:
Thanks, are there any better alternatives to using IPsec? I am an Linux admin so I am used to using IPtables but the preferred option for AIX from what I have read seems to be IPsec?
Using smit it only allows me to use one argument for the port but I haven't checked it this works fine using CL.
I want to print between the range two patterns if a particular pattern is present in between the two patterns. I am new to Unix. Any help would be greatly appreciated.
e.g.
Pattern1
Bombay
Calcutta
Delhi
Pattern2
Pattern1
Patna
Madras
Gwalior
Delhi
Pattern2
Pattern1... (2 Replies)
May I know what is the TCP/UCP port range for any default AIX NFS? Based on rpcinfo -p, I got the following output:
program vers proto port service
100000 4 udp 111 portmapper
100000 3 udp 111 portmapper
100000 2 udp 111 portmapper
100000 4 ... (4 Replies)
Hi, this is my first post...:p
Hello Admin :)
Can I have an ask for something with my configuration ?
I have finished some kind of the tutorial to build ipsec site to site, and the "step" has finished completely.
I have a simulation with a local design topology with two PC's (FreeBSD ... (0 Replies)
hello,
after configuration ipsec in ip4 I can not ping between client and server whereas I had success ping before configuration!
I also generate different key for AH and ESP as i have shown below.
what is my problem and what should i do to have ping and test the configuration?
code:
... (0 Replies)
I want to limit all *outbound* traffic on eth0 (or all *.*) on port 25 to a specific (allowed) range...
I.E.
192.168.1.5 (local ip) tries to connect to 1.2.3.4:25 (outside real world ip)
It can proceed because 1.2.3.0/24 is the allowed range
Now, 192.168.1.5 (local ip) tries to connect to... (1 Reply)
In my Linux system ephemeral port range is showing different ranges as follows
$ cat /proc/sys/net/ipv4/ip_local_port_range
32768 61000
cat /etc/sysctl.conf | grep net.ipv4.ip_local_port_range
net.ipv4.ip_local_port_range = 9000 65500
Which will be the effective ephemeral port... (5 Replies)
I'll start with I'm not an AIX expert, I inherited a lot of AIX servers to maintain.
My problem is on AIX 7.1 TL4 SP4 environments. I'm running named as a DNS forwarder only to internal DNS servers.
These AIX servers have a customized UDP ephemeral port range to avoid conflicting with the... (0 Replies)
hi,
i would like to create a bash script that check which port in my Linux server are closed (not in use) from a specific range, port range (3000-3010).
the print output need to be only 1 port, and it will be nice if the output will be saved as a variable or in same file.
my code is:
... (2 Replies)
Discussion started by: yossi
2 Replies
LEARN ABOUT DEBIAN
getipsecprotobynum
getipsecprotobyname(3NSL) Networking Services Library Functions getipsecprotobyname(3NSL)NAME
getipsecprotobyname, getipsecprotobynum - query IPsec protocols entries
SYNOPSIS
cc -flag ... file ...-lnsl [-library ...]
#include <netdb.h>
int getipsecprotobyname(const char *proto_name);
char *getipsecprotobynum(int proto_num);
DESCRIPTION
Use the getipsecprotobyname() and getipsecprotobynum() functions to obtain the IPsec algorithm mappings that are defined by ipsecalgs(1M).
You can also use the getipsecprotobyname() and getipsecprotobynum() functions in conjunction with getipsecalgbyname(3NSL) and getipsecal-
gbynum(3NSL) to obtain information about the supported IPsec algorithms. The IPsec algorithms and associated protocol name spaces are
defined by RFC 2407.
getipsecprotobyname() takes as an argument the name of an IPsec protocol and returns its assigned protocol number. The character string
returned by the getipsecprotobyname() function must be freed by the called when it is no longer needed.
getipsecprotobynum() takes as an argument a protocol number and returns the corresponding protocol name.
The following protocol numbers are pre-defined:
IPSEC_PROTO_ESP Defines the encryption algorithms (transforms) that can be used by IPsec to provide data confidentiality.
IPSEC_PROTO_AH Defines the authentication algorithms (transforms) that can be used by IPsec to provide authentication.
PARAMETERS
proto_name A pointer to the name of an IPsec protocol.
proto_num A pointer to a protocol number. conditions.
RETURN VALUES
The getipsecprotobyname() function returns a protocol number upon success, or -1 if the protocol specified does not exist.
The getipsecprotobynum() function returns a protocol name upon success, or the NULL value if the protocol number specified does not exist.
ATTRIBUTES
See attributes(5) for descriptions of the following attributes:
+-----------------------------+-----------------------------+
| ATTRIBUTE TYPE | ATTRIBUTE VALUE |
+-----------------------------+-----------------------------+
|Availability |SUNWcsl (32 bit) |
+-----------------------------+-----------------------------+
| |SUNWcslx (64 bit) |
+-----------------------------+-----------------------------+
|MT Level |MT Safe |
+-----------------------------+-----------------------------+
|Interface Stability |Evolving |
+-----------------------------+-----------------------------+
SEE ALSO ipsecalgs(1M), getipsecalgbyname(3NSL), getipsecalgbynum(3NSL), attributes(5)
Piper, D. RFC 2407, The Internet IP Security Domain of Interpretation for ISAKMP. Network Working Group. November, 1998.
SunOS 5.10 13 Aug 2003 getipsecprotobyname(3NSL)