netfmt.1m (2010 09)

ManualsBrandsHP ManualsSoftwareHP-UX Manpages

netfmt(1M) netfmt(1M)

DEPENDENCIES

netfmt only recognizes subsystems and ﬁlters from products which have been installed and conﬁgured.

WARNINGS

The syntax that was used for the obsolete LAN trace and log options has been mixed with the syntax for

the

netfmt command such that any old options ﬁles can be used without any changes. The combination

of syntax introduces some redundancy and possible confusion. The global ﬁltering options have the string

formatter filter as the ﬁrst two ﬁelds, while the LAN ﬁltering options merely have the string

filter as the ﬁrst ﬁeld. It is expected that the older LAN ﬁltering options may change to become more

congruent with the global ﬁltering syntax in future releases.

The

nettl and netfmt commands read the /etc/nettlgen.conf

ﬁle each time they are executed.

These commands will not operate if the ﬁle becomes corrupted (see nettl (1M) and netfmt (1M)).

DIAGNOSTICS

Messages describe illegal use of

netfmt command and unexpected EOF encountered.

EXAMPLES

The ﬁrst group of examples show how to use command line options.

1. Format the last 50 records in ﬁle

/var/adm/nettl.LOG000

(the default log ﬁle):

netfmt -t 50 -f /var/adm/nettl.LOG000

2. Use the follow option to send all log messages to the console (normally, only

DISASTER-class

log messages are sent to the console in console form):

netfmt -f /var/adm/nettl.LOG000 -F > /dev/console

3. Monitor all log messages in a hpterm window:

hpterm -e /usr/sbin/netfmt -F -f /var/adm/nettl.LOG000

4. Read ﬁle /var/adm/trace.TRC000

for binary data and use conf.file as the ﬁlter

conﬁguration ﬁle:

netfmt -c conf.file -f /var/adm/trace.TRC000

The remaining examples show how to specify entries in the ﬁlter conﬁguration ﬁle used with the

-c

option.

1. Tell

netfmt to format only INFORMATIVE-class log messages coming from the

NS_LS_IP

subsystem between 10:31:53 and 10:41:00 on 23 November 1993.

formatter filter time_from 10:31:53 11/23/93

formatter filter time_through 10:41:00 11/23/93

formatter filter class !*

formatter filter class INFORMATIVE

formatter filter subsystem !*

formatter filter subsystem NS_LS_IP

2. Map hardware address to name(LAN):

name node1 08-00-09-00-0e-ca

name node3 02-60-8c-01-33-58

3. Format only packets from either of the above hardware addresses:

filter source 08-00-09-00-0e-ca

filter source 02-60-8c-01-33-58

4. Format all packets transmitted from the local node, local, to the remote node, 192.6.1.3,

which reference local TCP service ports login or shell, or remote UDP port 777:

filter ip_saddr local

filter ip_daddr 192.6.1.3

filter tcp_sport login

filter tcp_sport shell

filter udp_dport 777

5. Format a TCP connection from local node node2 to 192.6.1.3 which uses node2 service

port ftp and remote port 1198.

8 Hewlett-Packard Company − 8 − HP-UX 11i Version 3: September 2010