fix conflicts

1 files changed, 95 insertions, 1 deletions

diff --git a/contrib/ipfilter/man/ipfstat.8 b/contrib/ipfilter/man/ipfstat.8
index 89adb85..bc81b5a 100644
--- a/contrib/ipfilter/man/ipfstat.8
+++ b/contrib/ipfilter/man/ipfstat.8
@@ -5,7 +5,27 @@ ipfstat \- reports on packet filter statistics and filter list
 .SH SYNOPSIS
 .B ipfstat
 [
-.B \-aAfghIinosv
+.B \-6aAfghIinosv
+] [
+.B \-d
+<device>
+]
+
+.B ipfstat -t
+[
+.B \-C
+] [
+.B \-D
+<addrport>
+] [
+.B \-P
+<protocol>
+] [
+.B \-S
+<addrport>
+] [
+.B \-T
+<refresh time>
 ] [
 .B \-d
 <device>
@@ -22,15 +42,32 @@ is to retrieve and display the accumulated statistics which have been
 accumulated over time as the kernel has put packets through the filter.
 .SH OPTIONS
 .TP
+.B \-6
+Display filter lists for IPv6, if available.
+.TP
 .B \-a
 Display the accounting filter list and show bytes counted against each rule.
 .TP
 .B \-A
 Display packet authentication statistics.
+.TP 
+.B \-C
+This option is only valid in combination with \fB\-t\fP.
+Display "closed" states as well in the top. Normally, a TCP connection is
+not displayed when it reaches the CLOSE_WAIT protocol state. With this
+option enabled, all state entries are displayed.
 .TP
 .BR \-d \0<device>
 Use a device other than \fB/dev/ipl\fP for interfacing with the kernel.
 .TP
+.BR \-D \0<addrport>
+This option is only valid in combination with \fB\-t\fP. Limit the state top
+display to show only state entries whose destination IP address and port
+match the addport argument. The addrport specification is of the form
+ipaddress[,port].  The ipaddress and port should be either numerical or the
+string "any" (specifying any ip address resp. any port). If the \fB\-D\fP
+option is not specified, it defaults to "\fB\-D\fP any,any".
+.TP
 .B \-f
 Show fragment state information (statistics) and held state information (in
 the kernel) if any is present.
@@ -55,10 +92,38 @@ Show the "rule number" for each rule as it is printed.
 .B \-o
 Display the filter list used for the output side of the kernel IP processing.
 .TP
+.BR \-P \0<protocol>
+This option is only valid in combination with \fB\-t\fP. Limit the state top
+display to show only state entries that match a specific protocol. The
+argument can be a protocol name (as defined in \fB/etc/protocols\fP) or a
+protocol number. If this option is not specified, state entries for any
+protocol are specified.
+.TP
 .B \-s
 Show packet/flow state information (statistics) and held state information (in
 the kernel) if any is present.
 .TP
+.BR \-S \0<addrport>
+This option is only valid in combination with \fB\-t\fP. Limit the state top
+display to show only state entries whose source IP address and port match
+the addport argument. The addrport specification is of the form
+ipaddress[,port].  The ipaddress and port should be either numerical or the
+string "any" (specifying any ip address resp. any port). If the \fB\-S\fP
+option is not specified, it defaults to "\fB\-S\fP any,any".
+.TP
+.B \-t
+Show the state table in a way similar to they way \fBtop(1)\fP shows the process
+table. States can be sorted using a number of different ways. This options
+requires \fBncurses(3)\fP and needs to be compiled in. It may not be available on
+all operating systems. See below, for more information on the keys that can
+be used while ipfstat is in top mode.
+.TP
+.BR \-T \0<refreshtime>
+This option is only valid in combination with \fB\-t\fP. Specifies how often
+the state top display should be updated. The refresh time is the number of
+seconds between an update. Any postive integer can be used. The default (and
+minimal update time) is 1.
+.TP
 .B \-v
 Turn verbose mode on.  Displays more debugging information.
 .SH SYNOPSIS
@@ -70,6 +135,35 @@ parameters are present.
 When supplied with either \fB\-i\fP or \fB\-o\fP, it will retrieve and display
 the appropriate list of filter rules currently installed and in use by the
 kernel.
+.SH STATE TOP
+Using the \fB\-t\fP option \fBipfstat\fP will enter the state top mode. In
+this mode the state table is displayed similar to the way \fBtop\fP displays
+the process table. The \fB\-C\fP, \fB\-D\fP, \fB\-P\fP, \fB\-S\fP and\fB\-T\fP 
+commandline options can be used to restrict the state entries that will be 
+shown and to specify the frequency of display updates.
+.PP
+In state top mode, the following keys can be used to influence the displayed
+information. \fBl\fP can be used to redraw the screen. \fBq\fP is used to
+quit the program. \fBs\fP can be used to change the sorting criterion and
+\fBr\fP can be used to reverse the sorting criterion.
+.PP
+States can be sorted by protocol number, by number of IP packets, by number
+of bytes and by time-to-live of the state entry. The default is to sort by
+the number of bytes. States are sorted in descending order, but you can use
+the \fBr\fP key to sort them in ascending order.
+.SH STATE TOP LIMITATIONS
+It is currently not possible to interactively change the source, destination
+and protocol filters or the refreh frequency. This must be done from the
+command line.
+.PP
+The screen must have at least 80 columns. This is however not checked.
+.PP
+Only the first X-5 entries that match the sort and filter criteria are
+displayed (where X is the number of rows on the display. There is no way to 
+see more entries.
+.PP
+No support for IPv6
+.PP
 .SH FILES
 /dev/kmem
 .br