summaryrefslogtreecommitdiff
path: root/sbin/ipfstat/ipfstat.8
blob: 900b59769586b7bc81011f53f36898344ad8634e (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
.\"     $OpenBSD: ipfstat.8,v 1.10 1998/09/15 09:58:34 pattonme Exp $
.TH ipfstat 8
.SH NAME
ipfstat \- reports on packet filter statistics and filter list
.SH SYNOPSIS
.B ipfstat
[
.B \-aAfhIinosv
] [
.B \-d
<device>
]
.SH DESCRIPTION
.PP
\fBipfstat\fP examines /dev/kmem using the symbols \fB_fr_flags\fP,
\fB_frstats\fP, \fB_filterin\fP, and \fB_filterout\fP.
To run and work, it needs to be able to read both /dev/kmem and the
kernel itself.
.PP
The default behaviour of \fBipfstat\fP
is to retrieve and display the accumulated statistics which have been
accumulated over time as the kernel has put packets through the filter.
.SH OPTIONS
.TP
.B \-a
Display the accounting filter list and show bytes counted against each rule.
.TP
.B \-A
Display packet authentication statistics.
.TP
.BR \-d \0<device>
Use a device other than \fB/dev/ipl\fP for interfacing with the kernel.
.TP
.B \-f
Show fragment state information (statistics) and held state information (in
the kernel) if any is present.
.TP
.B \-h
Show per-rule the number of times each one scores a "hit".  For use in
combination with \fB\-i\fP.
.TP
.B \-i
Display the filter list used for the input side of the kernel IP processing.
.TP
.B \-I
Swap between retrieving "inactive"/"active" filter list details.  For use
in combination with \fB\-i\fP.
.TP
.B \-n
Show the "rule number" for each rule as it is printed.
.TP
.B \-o
Display the filter list used for the output side of the kernel IP processing.
.TP
.B \-s
Show packet/flow state information (statistics) and held state information (in
the kernel) if any is present.
.TP
.B \-v
Turn verbose mode on.  Displays more debugging information.
.SH SYNOPSIS
The role of \fBipfstat\fP is to display current kernel statistics gathered
as a result of applying the filters in place (if any) to packets going in and
out of the kernel.  This is the default operation when no command line
parameters are present.
.PP
When supplied with either \fB\-i\fP or \fB\-o\fP, it will retrieve and display
the appropriate list of filter rules currently installed and in use by the
kernel.
.SH FILES
/dev/kmem
.br
/dev/ipl
.br
/dev/ipstate
.br
/bsd
.SH SEE ALSO
ipf(1), ipftest(1), ipnat(1), ipf(4), ipl(4), ipnat(4), ipf(5), ipnat(5), ipmon(8)
.br
http://coombs.anu.edu.au/ipfilter/
.SH BUGS
If you find any, please send email to me at darrenr@pobox.com.