Manualshelf

HP-UX IPFilter Version A.03.05.14 Administrator's Guide

ManualsBrandsHP ManualsSoftwareHP-UX IPFilter Software
101102103104105106107108109110
HP-UX IPFilter Utilities
The ipmon Utility
Chapter 594
For a complete list of ipmon options and their uses, see the ipmon
manpage.
Examples
To view the state table as it updates, use the ipmon -o S command.
Example:
# ipmon -o S
01/08/1999 15:58:57.836053 STATE:NEW 100.100.100.1,53
->20.20.20.15,53 PR udp
01/08/1999 15:58:58.030815 STATE:NEW 20.20.20.15,123
->128.167.1.69,123 PR udp
01/08/1999 15:59:18.032174 STATE:NEW 20.20.20.15,123
->128.173.14.71,123 PR udp
01/08/1999 15:59:24.570107 STATE:EXPIRE 100.100.100.1,53
->20.20.20.15,53 PR udp Pkts 4 Bytes 356
01/08/1999 16:03:51.754867 STATE:NEW 20.20.20.13,1019
->100.100.100.10,22 PR tcp
01/08/1999 16:04:03.070127 STATE:EXPIRE 20.20.20.13,1019
->100.100.100.10,22 PR tcp Pkts 63 Bytes 4604
A state entry for an external DNS request to the nameserver is displayed
by ipmon. Two xntp pings to well-known time servers and a short
outbound SSH connection are also displayed.
You can also use ipmon to display packets that have been logged.
To view the IPFilter packet log, use the ipmon -o I command.
Example:
# ipmon -o I
15:57:33.803147 ppp0 @0:2 b 100.100.100.103,443 ->
20.20.20.10,4923 PR tcp len 20 1488 -A:
The fields in this output are as follows:
Field 1—Time stamp
Field 2—The interface on which the event occurred