83 lines
2.2 KiB
Groff
83 lines
2.2 KiB
Groff
.\" $NetBSD: ipfstat.8,v 1.5 1998/05/29 20:46:46 veego Exp $
|
|
.\"
|
|
.TH ipfstat 8
|
|
.SH NAME
|
|
ipfstat \- reports on packet filter statistics and filter list
|
|
.SH SYNOPSIS
|
|
.B ipfstat
|
|
[
|
|
.B \-aAfhIinosv
|
|
] [
|
|
.B \-d
|
|
<device>
|
|
]
|
|
.SH DESCRIPTION
|
|
.PP
|
|
\fBipfstat\fP examines /dev/kmem using the symbols \fB_fr_flags\fP,
|
|
\fB_frstats\fP, \fB_filterin\fP, and \fB_filterout\fP.
|
|
To run and work, it needs to be able to read both /dev/kmem and the
|
|
kernel itself. The kernel name defaults to \fB/netbsd\fP.
|
|
.PP
|
|
The default behaviour of \fBipfstat\fP
|
|
is to retrieve and display the accumulated statistics which have been
|
|
accumulated over time as the kernel has put packets through the filter.
|
|
.SH OPTIONS
|
|
.TP
|
|
.B \-a
|
|
Display the accounting filter list and show bytes counted against each rule.
|
|
.TP
|
|
.B \-A
|
|
Display packet authentication statistics.
|
|
.TP
|
|
.BR \-d \0<device>
|
|
Use a device other than \fB/dev/ipl\fP for interfacing with the kernel.
|
|
.TP
|
|
.B \-f
|
|
Show fragment state information (statistics) and held state information (in
|
|
the kernel) if any is present.
|
|
.TP
|
|
.B \-h
|
|
Show per-rule the number of times each one scores a "hit". For use in
|
|
combination with \fB\-i\fP.
|
|
.TP
|
|
.B \-i
|
|
Display the filter list used for the input side of the kernel IP processing.
|
|
.TP
|
|
.B \-I
|
|
Swap between retrieving "inactive"/"active" filter list details. For use
|
|
in combination with \fB\-i\fP.
|
|
.TP
|
|
.B \-n
|
|
Show the "rule number" for each rule as it is printed.
|
|
.TP
|
|
.B \-o
|
|
Display the filter list used for the output side of the kernel IP processing.
|
|
.TP
|
|
.B \-s
|
|
Show packet/flow state information (statistics) and held state information (in
|
|
the kernel) if any is present.
|
|
.TP
|
|
.B \-v
|
|
Turn verbose mode on. Displays more debugging information.
|
|
.SH SYNOPSIS
|
|
The role of \fBipfstat\fP is to display current kernel statistics gathered
|
|
as a result of applying the filters in place (if any) to packets going in and
|
|
out of the kernel. This is the default operation when no command line
|
|
parameters are present.
|
|
.PP
|
|
When supplied with either \fB\-i\fP or \fB\-o\fP, it will retrieve and display
|
|
the appropriate list of filter rules currently installed and in use by the
|
|
kernel.
|
|
.SH FILES
|
|
/dev/kmem
|
|
.br
|
|
/dev/ipl
|
|
.br
|
|
/dev/ipstate
|
|
.br
|
|
/netbsd
|
|
.SH SEE ALSO
|
|
ipf(8)
|
|
.SH BUGS
|
|
none known.
|