I'm trying to configure a firewall for AIX to accept incoming connections on ports 22 and 443 and deny everything else. All is ok; the server accepts connections only on 22 and 443, but after that I also need to accept all outgoing connections -- ssh and telnet, for example. So I started with
Afterwards, I had to accept outgoing connections, so I introduced another rule:
and after that tried more rules:
But outgoing connections still not working, does anyone have any knowledge about this?
Last edited by Don Cragun; 09-29-2016 at 03:36 PM..
Reason: Change HTML tags to CODE tags.
Hi-
I'm using NIM functionality (AIX5.3) to backup all AIX Servers but some Servers are in the DmZ and many tcpip ports (nfs, ping,etc...) should be open and... it's really a security risks!
As anyone experience about NIM Backup through Firewall?
Which tcpip ports should be open?
Could we... (1 Reply)
To all the expert out there,
I have successfully setup a AIX to AIX auto-SFTP with no password requested. Now my aim is to setup a AIX to Window auto-SFTP with no password requested as well. But I faced some problem that I do not know how to solve it.
I have followed the setting of AIX's... (8 Replies)
Hi - I frequently run commands, and transfer files to/from a host that uses SecurID ssh authentication. It is a real pain to have to enter the authentication information every time I want to interact with this host. I am wondering if there is a way to establish a one-time ssh connection to this... (2 Replies)
Hello,
Actually there are some bugs in application which does not close the TCP connection to other server though CORBA.
We need to kill that ESTABLISHED connections as new connection are not happeneing as the allocated ports were used and showing as ESTABLISHED
Is there any... (4 Replies)
Hi everyone,
I am hoping anyone of you could help me in this weird problem we have in 1 of our Solaris 10 servers. Lately, we have been having some ftp problems in this server. Though it can ping any server within the network, it seems that it can only ftp to a select few. For most servers, the... (4 Replies)
Hi,
I want to try to connect to a DB2 (MVS) database from an AIX, through my c++ custom program. Is anybody who knows how can I do this? Which libraries should I use? Should I have a DB2 connect installed on my AIX?
Thank you in advance. (3 Replies)
Yes, I guess that is what it is sort of meant to do but it is sort of a problem.
Scenario:
Server is running and is blocked at ACCEPT
Client A connects with server
Server returns from ACCEPT and moves to RECV call waiting for incoming string
Client... (4 Replies)
Dear all
I am writing a shell script to use telnet for the connection test
There are 3 cases to test and detail as:
/* Case 1 - The port can be connected */
# telnet host_a 20101 < /dev/null 2>&1 | grep -q Connected
# echo $? return 0
/* Case 2 - The port cannot be connected */
#... (1 Reply)
Alright... this question comes from the fact that I'm trying to setup postfix to relay messages to Office 365 SMTP but its giving me connection refused... I read that if you have doubts if your port is open or not you should telnet to them so thats what I did.
This is a Red Hat 6.3 box.
My... (4 Replies)
Hi all,
In my system, I have HMC 7 with Power Machine 6 & 7. On the managed system, we have many lpars.
In some lpars, I can see they are using virtual fiber channel to connect to DS8K storage. In search with google, I understand that it is configured with VIOS server to share the physical FC... (7 Replies)
Discussion started by: Phat
7 Replies
LEARN ABOUT LINUX
netmasks
netmasks(4) File Formats netmasks(4)NAME
netmasks - network mask database
SYNOPSIS
/etc/inet/netmasks
/etc/netmasks
DESCRIPTION
The netmasks file contains network masks used to implement IP subnetting. It supports both standard subnetting as specified in RFC-950 and
variable length subnetting as specified in RFC-1519. When using standard subnetting there should be a single line for each network that is
subnetted in this file with the network number, any number of SPACE or TAB characters, and the network mask to use on that network. Network
numbers and masks may be specified in the conventional IP `.' (dot) notation (like IP host addresses, but with zeroes for the host part).
For example,
128.32.0.0 255.255.255.0
can be used to specify that the Class B network 128.32.0.0 should have eight bits of subnet field and eight bits of host field, in addition
to the standard sixteen bits in the network field.
When using variable length subnetting, the format is identical. However, there should be a line for each subnet with the first field being
the subnet and the second field being the netmask that applies to that subnet. The users of the database, such as ifconfig(1M), perform a
lookup to find the longest possible matching mask. It is possible to combine the RFC-950 and RFC-1519 form of subnet masks in the net-
masks file. For example,
128.32.0.0 255.255.255.0
128.32.27.0 255.255.255.240
128.32.27.16 255.255.255.240
128.32.27.32 255.255.255.240
128.32.27.48 255.255.255.240
128.32.27.64 255.255.255.240
128.32.27.80 255.255.255.240
128.32.27.96 255.255.255.240
128.32.27.112 255.255.255.240
128.32.27.128 255.255.255.240
128.32.27.144 255.255.255.240
128.32.27.160 255.255.255.240
128.32.27.176 255.255.255.240
128.32.27.192 255.255.255.240
128.32.27.208 255.255.255.240
128.32.27.224 255.255.255.240
128.32.27.240 255.255.255.240
128.32.64.0 255.255.255.192
can be used to specify different netmasks in different parts of the 128.32.0.0 Class B network number. Addresses 128.32.27.0 through
128.32.27.255 have a subnet mask with 28 bits in the combined network and subnet fields (often referred to as the subnet field) and 4 bits
in the host field. Furthermore, addresses 128.32.64.0 through 128.32.64.63 have a 26 bits in the subnet field. Finally, all other
addresses in the range 128.32.0.0 through 128.32.255.255 have a 24 bit subnet field.
Invalid entries are ignored.
SEE ALSO ifconfig(1M), inet(7P)
Postel, Jon, and Mogul, Jeff, Internet Standard Subnetting Procedure, RFC 950, Network Information Center, SRI International, Menlo Park,
Calif., August 1985.
V. Fuller, T. Li, J. Yu, K. Varadhan, Classless Inter-Domain Routing (CIDR): an Address Assignment and Aggregation Strategy, RFC 1519,
Network Information Center, SRI International, Menlo Park, Calif., September 1993.
T. Pummill, B. Manning, Variable Length Subnet Table For IPv4, RFC 1878, Network Information Center, SRI International, Menlo Park, Calif.,
December 1995.
NOTES
/etc/inet/netmasks is the official SVr4 name of the netmasks file. The symbolic link /etc/netmasks exists for BSD compatibility.
SunOS 5.10 7 Jan 1997 netmasks(4)