Manualshelf

HP-UX IPFilter V18.0 Administrator Guide for HP-UX 11i v3

ManualsBrandsHP ManualsSoftwareHP-UX IPFilter Software
51525354555657585960
9 Troubleshooting HP-UX IPFilter
9.1 Viewing IPFilter statistics and active rules with ipfstat
The ipfstat utility displays IPFilter statistics, including how many packets have been passed or
blocked, whether the packets were logged or not, how many state entries have been made, and
DCA statistics. You can also use options with ipfstat to display active rules.
9.1.1 Syntax
ipfstat [-options]
9.1.2 Options
For a complete list of ipfstat options, see the ipfstat manpage. If you do not specify any options,
ipfstat displays total packet counts for all rules and general statistics.
-6 Shows the output for IPv6 rules. This option is valid only with the following
options, and must be specified before the other options:
-i
-o
-h
-r
-vL
If you do not specify the -6 option, these commands show the output for
IPv4 rules only.
For example, to list the active inbound and outbound (-io) IPv6 rules, use
the following command:
ipfstat -6 -io
-i Displays the active rules for inbound packets. If you specify this option with
the -6 option, ipfstat displays the IPv6 rules; if you specify this option
without the -6 option, it displays the IPv4 rules.
-o Displays the active rules for outbound packets. If you specify this option with
the -6 option, ipfstat displays the IPv6 rules; if you specify this option
without the -6 option, it displays the IPv4 rules.
-h Displays the active rules and the number of matching packets (hit count) for
each rule. Use with the -i or -o options.
-s Displays state table statistics.
-sl Displays detailed state table statistics.
-n When used with the -i or -o options, it displays the rules, preceded by
group number and rule number in the format
@group_number:rule_number.
-L Displays global limit statistics.
-Lv Displays detailed (verbose) global limit statistics. If you specify this option
with the -6 option, ipfstatdisplays the IPv6 rule statistics; if you specify
this option without the -6 option, it displays the IPv4 rule statistics.
-Q Displays the interfaces protected by IPFilter. Interfaces not supported by
IPFilter are not displayed. This option is supported for HP-UX 11i v3 only.
For a list of interface types supported by IPFilter, see Section A.5 (page 98).
54 Troubleshooting HP-UX IPFilter