diff options
Diffstat (limited to 'contrib/ipfilter/man/ipf.1')
| -rw-r--r-- | contrib/ipfilter/man/ipf.1 | 109 |
1 files changed, 0 insertions, 109 deletions
diff --git a/contrib/ipfilter/man/ipf.1 b/contrib/ipfilter/man/ipf.1 deleted file mode 100644 index 5ea06fa74c35..000000000000 --- a/contrib/ipfilter/man/ipf.1 +++ /dev/null @@ -1,109 +0,0 @@ -.TH IPF 1 -.SH NAME -ipf \- alters packet filtering lists for IP packet input and ouput -.SH SYNOPSIS -.B ipf -[ -.B \-AdDEInorsUvyzZ -] [ -.B \-l -<block|pass|nomatch> -] [ -.B \-F -<i|o|a> -] -.B \-f -<\fIfilename\fP> -[ -.B \-f -<\fIfilename\fP> -[...]] -.SH DESCRIPTION -.PP -\fBipf\fP opens the filenames listed (treating "\-" as stdin) and parses the -file for a set of rules which are to be added or removed from the packet -filter rule set. -.PP -Each rule processed by \fBipf\fP -is added to the kernel's internal lists if there are no parsing problems. -Rules are added to the end of the internal lists, matching the order in -which they appear when given to \fBipf\fP. -.SH OPTIONS -.TP -.B \-A -Set the list to make changes to the active list (default). -.TP -.B \-d -Turn debug mode on. Causes a hexdump of filter rules to be generated as -it processes each one. -.TP -.B \-D -Disable the filter (if enabled). Not effective for loadable kernel versions. -.TP -.B \-E -Enable the filter (if disabled). Not effective for loadable kernel versions. -.TP -.BR \-F \0<param> -This option specifies which filter list to flush. The parameter should -either be "i" (input), "o" (output) or "a" (remove all filter rules). -Either a single letter or an entire word starting with the appropriate -letter maybe used. This option maybe before, or after, any other with -the order on the command line being that used to execute options. -.TP -.BR \-f \0<filename> -This option specifies which files -\fBipf\fP should use to get input from for modifying the packet filter rule -lists. -.TP -.B \-I -Set the list to make changes to the inactive list. -.TP -.B \-l \0<param> -Use of the \fB-l\fP flag toggles default logging of packets. Valid -arguments to this option are \fBpass\fP, \fBblock\fP and \fBnomatch\fP. -When an option is set, any packet which exits filtering and matches the -set category is logged. This is most useful for causing all packets -which don't match any of the loaded rules to be logged. -.TP -.B \-n -This flag (no-change) prevents \fBipf\fP from actually making any ioctl -calls or doing anything which would alter the currently running kernel. -.TP -.B \-o -Force rules by default to be added/deleted to/from the output list, rather -than the (default) input list. -.TP -.B \-r -Remove matching filter rules rather than add them to the internal lists -.TP -.B \-s -Swap the active filter list in use to be the "other" one. -.TP -.B \-U -(SOLARIS 2 ONLY) Block packets travelling along the data stream which aren't -recognised as IP packets. They will be printed out on the console. -.TP -.B \-v -Turn verbose mode on. Displays information relating to rule processing. -.TP -.B \-y -(SOLARIS 2 ONLY) Manually resync the in-kernel interface list maintained -by IP Filter with the current interface status list. -.TP -.B \-z -For each rule in the input file, reset the statistics for it to zero and -display the statistics prior to them being zero'd. -.TP -.B \-Z -Zero global statistics held in the kernel for filtering only (this doesn't -affect fragment or state statistics). -.DT -.SH SEE ALSO -ipfstat(1), ipftest(1), ipf(5), mkfilters(1) -.SH DIAGNOSTICS -.PP -Needs to be run as root for the packet filtering lists to actually -be affected inside the kernel. -.SH BUGS -.PP -If you find any, please send email to me at darrenr@cyber.com.au |