Content-type: text/html Man page of ippool


Section: System Administration Commands (1M)
Updated: 21 Oct 2005
Index Return to Main Contents


ippool - user interface to the IP Filter pools  


ippool -a [-dnv] [-m num] [-o role] -i ipaddr [/netmask]

ippool -A [-dnv] [-m num] [-o role] [-S seed] [-t type]

ippool -f file [-dnuv]

ippool -F [-dv] [-o role] [-t type]

ippool -l [-dv] [-m num] [-t type]

ippool -r [-dnv] [-m num] [-o role] -i ipaddr [/netmask]

ippool -R [-dnv] [-m num] [-o role] [-t type]

ippool -s [-dtv] [-M core] [-N namelist]  


The ippool utility is used to manage information stored in the IP pools subsystem of IP Filter software. Configuration file information can be parsed and loaded into the kernel and currently configured pools can be removed, changed, or inspected.

ippool's use is restricted through access to /dev/ippool. The default permissions of /dev/ippool require ippool to be run as root for all operations.

The command line options used are divided into two sections: the global options and the instance-specific options.

ippool's use is restricted through access to /dev/ipauth, /dev/ipl, and /dev/ipstate. The default permissions of these files require ippool to be run as root for all operations.  


ippool supports the option categories described below.  

Global Options

The following global options are supported:


Toggle debugging of processing the configuration file.


Prevents ippool from doing anything, such as making ioctl calls, that would alter the currently running kernel.


Turn verbose mode on.


Instance-Specific Options

The following instance-specific options are supported:


Add a new data node to an existing pool in the kernel.


Add a new (empty) pool to the kernel.

-f file

Read in IP pool configuration information from file and load it into the kernel.


Flush loaded pools from the kernel.


Display a list of pools currently loaded into the kernel.


Remove an existing data node from a pool in the kernel.


Remove an existing pool from within the kernel.


Display IP pool statistical information.


Other Options

The following, additional options are supported:

-i ipaddr[/netmask]

Sets the IP address for the operation being undertaken with an all-one's mask or, optionally, a specific netmask, given in either dotted-quad notation or as a single integer.

-m poolname

Sets the pool name for the current operation.

-M core

Specify an alternative path to /dev/kmem from which to retrieve statistical information.

-N namelist

Specify an alternative path to lookup symbol name information when retrieving statistical information.

-o role

Sets the role with which this pool is to be used. Currently only ipf, auth, and count are accepted as arguments to this option.

-S seed

Sets the hashing seed to the number specified. For use with hash-type pools only.

-t type

Sets the type of pool being defined. Must be one of pool, hash, or group-map.


When parsing a configuration file, rather than load new pool data into the kernel, unload it.




Link to IP Filter pseudo device.


Special file that provides access to virtual address space.


Location of ippool startup configuration file.



See attributes(5) for descriptions of the following attributes:

Interface StabilityEvolving



ipf(1M), ipfstat(1M), ippool(4), attributes(5)  


To view license terms, attribution, and copyright for IP Filter, the default path is /usr/lib/ipf/IPFILTER.LICENCE. If the Solaris operating environment has been installed anywhere other than the default, modify the given path to access the file at the installed location.



Global Options
Instance-Specific Options
Other Options

This document was created by man2html, using the manual pages.
Time: 02:37:00 GMT, October 02, 2010