Previous
Displaying Statistics and Information for Solaris IP Filter
Table 26-4 Displaying Solaris IP Filter Statistics and Information (Task Map)
Task | Description | For Instructions |
|---|---|---|
View state tables. | View state tables to obtain information about packet filtering using the ipfstat command. | |
View state statistics. | View statistics on packet state information using the ipfstat -s command. | |
View NAT statistics. | View NAT statistics using the ipnat -s command. | |
View address pool statistics. | View address pool statistics using the ippool -s command. |
How to View State Tables for Solaris IP Filter
Assume a role that includes the IP Filter Management rights profile, or become superuser.
You can assign the IP Filter Management rights profile to a role that you create. To create the role and assign the role to a user, see "Configuring RBAC (Task Map)" in System Administration Guide: Security Services.
View the state table.
# ipfstat
Note - You can use the -t option to view the state table in the top utility format.
Example 26-16 Viewing State Tables for Solaris IP Filter
The following example shows how to view a state table.
# ipfstat
bad packets: in 0 out 0
input packets: blocked 160 passed 11 nomatch 1 counted 0 short 0
output packets: blocked 0 passed 13681 nomatch 6844 counted 0 short 0
input packets logged: blocked 0 passed 0
output packets logged: blocked 0 passed 0
packets logged: input 0 output 0
log failures: input 0 output 0
fragment state(in): kept 0 lost 0
fragment state(out): kept 0 lost 0
packet state(in): kept 0 lost 0
packet state(out): kept 0 lost 0
ICMP replies: 0 TCP RSTs sent: 0
Invalid source(in): 0
Result cache hits(in): 152 (out): 6837
IN Pullups succeeded: 0 failed: 0
OUT Pullups succeeded: 0 failed: 0
Fastroute successes: 0 failures: 0
TCP cksum fails(in): 0 (out): 0
IPF Ticks: 14341469
Packet log flags set: (0)
none
|
How to View State Statistics for Solaris IP Filter
Assume a role that includes the IP Filter Management rights profile, or become superuser.
You can assign the IP Filter Management rights profile to a role that you create. To create the role and assign the role to a user, see "Configuring RBAC (Task Map)" in System Administration Guide: Security Services.
View the state statistics.
# ipfstat -s
Example 26-17 Viewing State Statistics for Solaris IP Filter
The following example shows how to view state statistics.
# ipfstat -s
IP states added:
0 TCP
0 UDP
0 ICMP
0 hits
0 misses
0 maximum
0 no memory
0 max bucket
0 active
0 expired
0 closed
State logging enabled
State table bucket statistics:
0 in use
0.00% bucket usage
0 minimal length
0 maximal length
0.000 average length
|
How to View NAT Statistics for Solaris IP Filter
Assume a role that includes the IP Filter Management rights profile, or become superuser.
You can assign the IP Filter Management rights profile to a role that you create. To create the role and assign the role to a user, see "Configuring RBAC (Task Map)" in System Administration Guide: Security Services.
View NAT statistics.
# ipnat -s
Example 26-18 Viewing NAT Statistics for Solaris IP Filter
The following example shows how to view NAT statistics.
# ipnat -s mapped in 0 out 0 added 0 expired 0 no memory 0 bad nat 0 inuse 0 rules 1 wilds 0 |
How to View Address Pool Statistics for Solaris IP
Filter
Assume a role that includes the IP Filter Management rights profile, or become superuser.
You can assign the IP Filter Management rights profile to a role that you create. To create the role and assign the role to a user, see "Configuring RBAC (Task Map)" in System Administration Guide: Security Services.
View address pool statistics.
# ippool -s
Example 26-19 Viewing Address Pool Statistics for Solaris IP Filter
The following example shows how to view address pool statistics.
# ippool -s Pools: 3 Hash Tables: 0 Nodes: 0 |