Firewall in SCO Unix

[lorel]

I have been told that there is firewall software in the SCO 5.0.7 UNIX operating system. Is this is the case I have not found it.
Can someone tell me is there is such a thing and, if there is, what are the files associated with it?

Thanks again

Joe

 

[motoslide]

I'm not a expert on it's use, but SCO includes the "ipf" and "ipnat" utilities for this purpose.

man ipf
man ipnat

I've used this on SCO OpenServer6 for our mail server, but haven't tried it on 5.0.7.
It uses a rule configuration file. Here is an example of the one on our mail server.
This is primarily used to limit which systems (internal and external) have access to the SMTP and POP traffic.

# more /etc/ipf.conf
block in proto tcp from any to any port = 25
block in proto tcp from any to any port = 110
pass in proto tcp from 12.129.199.61 to any port = 25
pass in proto tcp from 207.46.163.0/24 to any port = 25
pass in proto tcp from 65.55.251.0/24 to any port = 25
pass in proto tcp from 207.46.51.64/26 to any port = 25
pass in proto tcp from 213.199.154.0/24 to any port = 25
pass in proto tcp from 213.244.175.0/24 to any port = 25
pass in proto tcp from 12.129.219.155 to any port = 25
pass in proto tcp from 12.129.20.0/24 to any port = 25
pass in proto tcp from 63.241.222.0/24 to any port = 25
pass in proto tcp from 206.16.57.70 to any port = 25
pass in proto tcp from 216.32.180.0/24 to any port = 25
pass in proto tcp from 216.32.181.0/24 to any port = 25
pass in proto tcp from 192.168.197.0/24 to any port = 25
pass in proto tcp from 192.168.197.0/24 to any port = 110
pass in proto tcp from 192.168.198.0/24 to any port = 25
pass in proto tcp from 192.168.198.0/24 to any port = 110
pass in proto tcp from 127.0.0/24 to any port = 25

The program to start/stop this process is /etc/init.d/ipfnat.


"Proof that there is intelligent life in Oregon. Well, Life anyway.