summaryrefslogtreecommitdiffstats
path: root/contrib/ipfilter/man/ipfstat.8
diff options
context:
space:
mode:
Diffstat (limited to 'contrib/ipfilter/man/ipfstat.8')
-rw-r--r--contrib/ipfilter/man/ipfstat.8193
1 files changed, 0 insertions, 193 deletions
diff --git a/contrib/ipfilter/man/ipfstat.8 b/contrib/ipfilter/man/ipfstat.8
deleted file mode 100644
index 95cf6f3..0000000
--- a/contrib/ipfilter/man/ipfstat.8
+++ /dev/null
@@ -1,193 +0,0 @@
-.TH ipfstat 8
-.SH NAME
-ipfstat \- reports on packet filter statistics and filter list
-.SH SYNOPSIS
-.B ipfstat
-[
-.B \-6aAdfghIilnoRsv
-]
-.br
-.B ipfstat -t
-[
-.B \-6C
-] [
-.B \-D
-<addrport>
-] [
-.B \-P
-<protocol>
-] [
-.B \-S
-<addrport>
-] [
-.B \-T
-<refresh time>
-]
-.SH DESCRIPTION
-\fBipfstat\fP examines /dev/kmem using the symbols \fB_fr_flags\fP,
-\fB_frstats\fP, \fB_filterin\fP, and \fB_filterout\fP.
-To run and work, it needs to be able to read both /dev/kmem and the
-kernel itself. The kernel name defaults to \fB/vmunix\fP.
-.PP
-The default behaviour of \fBipfstat\fP
-is to retrieve and display the accumulated statistics which have been
-accumulated over time as the kernel has put packets through the filter.
-.SH OPTIONS
-.TP
-.B \-6
-Display filter lists and states for IPv6, if available.
-.TP
-.B \-a
-Display the accounting filter list and show bytes counted against each rule.
-.TP
-.B \-A
-Display packet authentication statistics.
-.TP
-.B \-C
-This option is only valid in combination with \fB\-t\fP.
-Display "closed" states as well in the top. Normally, a TCP connection is
-not displayed when it reaches the CLOSE_WAIT protocol state. With this
-option enabled, all state entries are displayed.
-.TP
-.BR \-d
-Produce debugging output when displaying data.
-.TP
-.BR \-D \0<addrport>
-This option is only valid in combination with \fB\-t\fP. Limit the state top
-display to show only state entries whose destination IP address and port
-match the addrport argument. The addrport specification is of the form
-ipaddress[,port]. The ipaddress and port should be either numerical or the
-string "any" (specifying any IP address resp. any port). If the \fB\-D\fP
-option is not specified, it defaults to "\fB\-D\fP any,any".
-.TP
-.B \-f
-Show fragment state information (statistics) and held state information (in
-the kernel) if any is present.
-.TP
-.B \-g
-Show groups currently configured (both active and inactive).
-.TP
-.B \-h
-Show per-rule the number of times each one scores a "hit". For use in
-combination with \fB\-i\fP.
-.TP
-.B \-i
-Display the filter list used for the input side of the kernel IP processing.
-.TP
-.B \-I
-Swap between retrieving "inactive"/"active" filter list details. For use
-in combination with \fB\-i\fP.
-.TP
-.B \-n
-Show the "rule number" for each rule as it is printed.
-.TP
-.B \-o
-Display the filter list used for the output side of the kernel IP processing.
-.TP
-.BR \-P \0<protocol>
-This option is only valid in combination with \fB\-t\fP. Limit the state top
-display to show only state entries that match a specific protocol. The
-argument can be a protocol name (as defined in \fB/etc/protocols\fP) or a
-protocol number. If this option is not specified, state entries for any
-protocol are specified.
-.TP
-.BR \-R
-Don't try to resolve addresses to hostnames and ports to services while
-printing statistics.
-.TP
-.B \-s
-Show packet/flow state information (statistics only).
-.TP
-.B \-sl
-Show held state information (in the kernel) if any is present (no statistics).
-.TP
-.BR \-S \0<addrport>
-This option is only valid in combination with \fB\-t\fP. Limit the state top
-display to show only state entries whose source IP address and port match
-the addrport argument. The addrport specification is of the form
-ipaddress[,port]. The ipaddress and port should be either numerical or the
-string "any" (specifying any IP address resp. any port). If the \fB\-S\fP
-option is not specified, it defaults to "\fB\-S\fP any,any".
-.TP
-.B \-t
-Show the state table in a way similar to the way \fBtop(1)\fP shows the process
-table. States can be sorted using a number of different ways. This option
-requires \fBcurses(3)\fP and needs to be compiled in. It may not be available on
-all operating systems. See below, for more information on the keys that can
-be used while ipfstat is in top mode.
-.TP
-.BR \-T \0<refreshtime>
-This option is only valid in combination with \fB\-t\fP. Specifies how often
-the state top display should be updated. The refresh time is the number of
-seconds between an update. Any positive integer can be used. The default (and
-minimal update time) is 1.
-.TP
-.B \-v
-Turn verbose mode on. Displays more debugging information. When used with
-either \fB-i\fP or \fB-o\fP, counters associated with the rule, such as the
-number of times it has been matched and the number of bytes from such packets
-is displayed. For "keep state" rules, a count of the number of state sessions
-active against the rule is also displayed.
-.SH SYNOPSIS
-The role of \fBipfstat\fP is to display current kernel statistics gathered
-as a result of applying the filters in place (if any) to packets going in and
-out of the kernel. This is the default operation when no command line
-parameters are present.
-.PP
-When supplied with either \fB\-i\fP or \fB\-o\fP, it will retrieve and display
-the appropriate list of filter rules currently installed and in use by the
-kernel.
-.PP
-One of the statistics that \fBipfstat\fP shows is \fBticks\fP.
-This number indicates how long the filter has been enabled.
-The number is incremented every half\-second.
-.SH STATE TOP
-Using the \fB\-t\fP option \fBipfstat\fP will enter the state top mode. In
-this mode the state table is displayed similar to the way \fBtop\fP displays
-the process table. The \fB\-C\fP, \fB\-D\fP, \fB\-P\fP, \fB\-S\fP and \fB\-T\fP
-command line options can be used to restrict the state entries that will be
-shown and to specify the frequency of display updates.
-.PP
-In state top mode, the following keys can be used to influence the displayed
-information:
-.TP
-\fBb\fP show packets/bytes from backward direction.
-.TP
-\fBf\fP show packets/bytes from forward direction. (default)
-.TP
-\fBl\fP redraw the screen.
-.TP
-\fBq\fP quit the program.
-.TP
-\fBs\fP switch between different sorting criterion.
-.TP
-\fBr\fP reverse the sorting criterion.
-.PP
-States can be sorted by protocol number, by number of IP packets, by number
-of bytes and by time-to-live of the state entry. The default is to sort by
-the number of bytes. States are sorted in descending order, but you can use
-the \fBr\fP key to sort them in ascending order.
-.SH STATE TOP LIMITATIONS
-It is currently not possible to interactively change the source, destination
-and protocol filters or the refresh frequency. This must be done from the
-command line.
-.PP
-The screen must have at least 80 columns. This is however not checked.
-When running state top in IPv6 mode, the screen must be much wider to display
-the very long IPv6 addresses.
-.PP
-Only the first X-5 entries that match the sort and filter criteria are
-displayed (where X is the number of rows on the display. The only way to see
-more entries is to resize the screen.
-.SH FILES
-/dev/kmem
-.br
-/dev/ipl
-.br
-/dev/ipstate
-.br
-/vmunix
-.SH SEE ALSO
-ipf(8)
-.SH BUGS
-none known.
OpenPOWER on IntegriCloud