diff options
Diffstat (limited to 'sbin/ipfw/ipfw.8')
| -rw-r--r-- | sbin/ipfw/ipfw.8 | 33 |
1 files changed, 25 insertions, 8 deletions
diff --git a/sbin/ipfw/ipfw.8 b/sbin/ipfw/ipfw.8 index ba3da16..e3933d5 100644 --- a/sbin/ipfw/ipfw.8 +++ b/sbin/ipfw/ipfw.8 @@ -1,5 +1,5 @@ .\" -.\" $Id: ipfw.8,v 1.53 1999/06/15 12:56:38 ru Exp $ +.\" $Id: ipfw.8,v 1.54 1999/06/19 18:43:18 green Exp $ .\" .Dd July 20, 1996 .Dt IPFW 8 @@ -30,6 +30,12 @@ flush zero .Op Ar number ... .Nm ipfw +.Oo +.Fl q +.Oc +resetlog +.Op Ar number ... +.Nm ipfw delete .Ar number ... .Nm ipfw @@ -49,7 +55,7 @@ show add .Op Ar number .Ar action -.Op log +.Op log Op Ar logamount Ar number .Ar proto from .Ar src @@ -227,6 +233,10 @@ The show command is equivalent to The zero operation zeroes the counters associated with rule number .Ar number . .Pp +The resetlog operation resets the logging counters associated with +rule number +.Ar number . +.Pp The flush operation removes all rules. .Pp Any command beginning with a @@ -265,7 +275,7 @@ Don't ask for confirmation for commands that can cause problems if misused .Ar Note , if there is no tty associated with the process, this is implied. .It Fl q -While adding, zeroing or flushing, be quiet about actions (implies +While adding, zeroing, resetlogging or flushing, be quiet about actions (implies .Fl f Ns ). This is useful for adjusting rules by executing multiple .Nm @@ -411,15 +421,22 @@ then when a packet matches a rule with the keyword a message will be printed on the console. If the kernel was compiled with the .Dv IPFIREWALL_VERBOSE_LIMIT -option, then logging will cease after the number of packets -specified by the option are received for that particular -chain entry. Logging may then be re-enabled by clearing -the packet counter for that entry. +option, then by default logging will cease after the number +of packets specified by the option are received for that +particular chain entry. However, if +.Ar logamount Ar number +is used, that +.Ar number +will be the default logging limit rather than +.Dv IPFIREWALL_VERBOSE_LIMIT . +Logging may then be re-enabled by clearing the logging counter +or the packet counter for that entry. .Pp Console logging and the log limit are adjustable dynamically through the .Xr sysctl 8 -interface. +interface in the MIB base of +.Dv net.inet.ip.fw . .Pp .Ar proto : .Bl -hang -offset flag -width 1234567890123456 |
