Hello,
Could anyone explain why the DENY rule does not work in my configuration? For a test I wanted to allow ssh (22) from the local host and one remote host only.
I enabled "IPsec" devices in AIX:
mkdev -c ipsec -t 4
mkfilt -v 4 -u -z p
# lsdev -l ipsec_v4
ipsec_v4 Available IP Version 4 Security Extension
Next I added the filter rules and activated the firewall with:
# mkfilt -v4 -u
but this local AIX firewall is still allowing access to port 22/ssh from remote hosts other than 192.168.3.4.
Here is the check and the sequence of the rules applied:
# ckfilt -v4 -O
Beginning of IPv4 filter rules.
2|*** Dynamic filter placement rule for IKE tunnels ***|no
3|permit|127.0.0.1|0.0.0.0|0.0.0.0|0.0.0.0|yes|tcp|any|0|eq|22|both|inbound|no|all packets|0|all|0|||
4|permit|192.168.3.4|255.255.255.255|0.0.0.0|0.0.0.0|yes|tcp|any|0|eq|22|both|inbound|no|all packets|0|all|0|||
5|deny|0.0.0.0|0.0.0.0|0.0.0.0|0.0.0.0|yes|tcp|any|0|eq|22|both|inbound|no|all packets|0|all|0|||
Am I missing something?
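A first-match simulation of the listing above, added here as an example (it is not part of the post and not AIX code): it walks the rules in order for an inbound TCP packet and compares source address AND mask on both sides, the way netmask matching works. The rule lines are copied from the ckfilt -v4 -O output in the post; the "default permit" fallback is an assumption standing in for the permit default that mkfilt -z p installs, and the second listing is the same set with rule 3's source mask changed to 255.255.255.255 (an edit made for this example only). With a mask of 0.0.0.0, rule 3 matches every source address, so every packet to port 22 is decided by rule 3 before rule 5 is ever reached.

```shell
#!/bin/sh
# Added example: first-match evaluation of an AIX-style filter listing.
# Lines copied from the ckfilt -v4 -O output in the post (constructed input).
POSTED_RULES='2|*** Dynamic filter placement rule for IKE tunnels ***|no
3|permit|127.0.0.1|0.0.0.0|0.0.0.0|0.0.0.0|yes|tcp|any|0|eq|22|both|inbound|no|all packets|0|all|0|||
4|permit|192.168.3.4|255.255.255.255|0.0.0.0|0.0.0.0|yes|tcp|any|0|eq|22|both|inbound|no|all packets|0|all|0|||
5|deny|0.0.0.0|0.0.0.0|0.0.0.0|0.0.0.0|yes|tcp|any|0|eq|22|both|inbound|no|all packets|0|all|0|||'

# Same listing with rule 3 given a host mask (edit made for this example, not from the post).
FIXED_RULES='2|*** Dynamic filter placement rule for IKE tunnels ***|no
3|permit|127.0.0.1|255.255.255.255|0.0.0.0|0.0.0.0|yes|tcp|any|0|eq|22|both|inbound|no|all packets|0|all|0|||
4|permit|192.168.3.4|255.255.255.255|0.0.0.0|0.0.0.0|yes|tcp|any|0|eq|22|both|inbound|no|all packets|0|all|0|||
5|deny|0.0.0.0|0.0.0.0|0.0.0.0|0.0.0.0|yes|tcp|any|0|eq|22|both|inbound|no|all packets|0|all|0|||'

# first_match LISTING SRC_ADDR DST_PORT
# Prints "<rule#> <action>" for the first rule matching an inbound TCP packet
# from SRC_ADDR to DST_PORT, or "default permit" (assumed mkfilt -z p default).
first_match() {
    printf '%s\n' "$1" | awk -F'|' -v src="$2" -v dport="$3" -v proto="tcp" -v dir="inbound" '
    # bitwise AND of two octets; POSIX awk has no and() operator
    function band(x, y,    r, b) {
        r = 0
        for (b = 128; b >= 1; b /= 2) {
            if (x >= b && y >= b) r += b
            if (x >= b) x -= b
            if (y >= b) y -= b
        }
        return r
    }
    # dotted-quad address ANDed with dotted-quad mask, returned as a string
    function masked(a, m,    ao, mo) {
        split(a, ao, "."); split(m, mo, ".")
        return band(ao[1], mo[1]) "." band(ao[2], mo[2]) "." band(ao[3], mo[3]) "." band(ao[4], mo[4])
    }
    # destination-port operator as printed in the listing
    function portok(op, p, want) {
        if (op == "any") return 1
        if (op == "eq")  return want == p
        if (op == "neq") return want != p
        if (op == "lt")  return want <  p
        if (op == "gt")  return want >  p
        if (op == "le")  return want <= p
        if (op == "ge")  return want >= p
        return 0
    }
    NF < 14 || $2 !~ /^(permit|deny)$/ { next }   # skip placement/comment lines
    $8 != "all" && $8 != proto { next }            # protocol column
    $14 != "both" && $14 != dir { next }           # direction column
    masked(src, $4) != masked($3, $4) { next }     # source address/mask test
    !portok($11, $12 + 0, dport + 0) { next }      # destination port test
    { print $1 " " $2; found = 1; exit }
    END { if (!found) print "default permit" }
    '
}

# Stand-alone run: posted listing first, then the listing with the host mask on rule 3.
for listing in POSTED FIXED; do
    eval "rules=\$${listing}_RULES"
    for src in 127.0.0.1 192.168.3.4 10.0.0.5; do
        echo "$listing: $src -> tcp/22: $(first_match "$rules" "$src" 22)"
    done
done
```

Run it and the posted listing reports "3 permit" for 192.168.3.4 and for an arbitrary host such as 10.0.0.5 alike, while the listing with the host mask on rule 3 reports "4 permit" for 192.168.3.4 and "5 deny" for 10.0.0.5.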