Content-type: text/html Man page of pfstat

pfstat

Section: User Commands (1)
Index Return to Main Contents
 

NAME

pfstat - Print packet filter status information  

SYNOPSIS

/usr/bin/pfstat [options] [system]


 

OPTIONS

If no options are given, then all are assumed (except for the verbose option, -v). Counts. Displays various counts (per ethernet unit) including number of packets sent and received, the number of packets dropped due to full input queues, the number of packets not wanted by any filter, and the number of packets missed by the interface. Descriptors. Displays OpenDescriptors for each minor device. Filters. Displays packet filters for each minor device. Parameters. Displays device parameters including device type, header and address lengths, maximum transmission units (MTU), and interface and broadcast addresses. QueueElements. Displays the QueueElements. Scavenger. Displays the FreeQueue and Scavenger statistics. Verbose. Displays information for minor devices not actually in use and complete queue information, only if this option is given. Limits output to information about specified units. If no digits are given, all units are displayed. Valid digits are 0 to 7.
 

DESCRIPTION

The pfstat command interprets the data structures of the packet filter driver packetfilter(7). The data structures are contained in /dev/kmem. If system is given, the required namelist is taken from there; otherwise, it is taken from /vmunix.
 

RESTRICTIONS

Some of the output is a bit cramped to fit on an 80-character line. It should be possible to get a less verbose but more readable listing.

Since things happen quickly, it is not likely that pfstat will provide a consistent view of a running system. It is mostly useful for analyzing static or slowly-varying problems, not transient ones.
 

OUTPUT FORMAT

This section describes the information displayed in the output of the pfstat command under the headings AllDescriptors, Filters, and QueueElts.
 

AllDescriptors

Minor device number for open descriptor. Descriptor location. Forward link to other descriptors. Blank, or one of the following: Waiting for input, indefinite wait Waiting for input, timed wait Has timed out Addresses of ``Queue Elements'' for waiting packets. Number of packets queued for input/maximum for this queue. Timeout duration in clock ticks (if the -v [Verbose] option is not given, then times may be expressed as minutes [with a trailing ``m''], hours [with a trailing ``h''], or simply ``long'', to keep the columns lined up.) Shows which mode bits are set for the minor device; each bit is encoded as a single character: ENHOLDSIG ENBATCH ENTSTAMP ENPROMISC ENNONEXCL ENCOPYALL ENBPFHDR An unknown mode bit is set. Signal number to be delivered when a packet arrives. Process to be signaled when a packet arrives. Process id which enabled the signal.
 

Filters

Minor device number of filter. Count of packets accepted by this filter. Count of ``recent'' drops for this filter. Priority of filter. (Not applicable to BPF-style filters.) Length of filter (in shortwords). See packetfilter(7) for interpretation of packet filters. See bpf(7) for interpretation of BPF-style filters.
 

QueueElts

Location of queue element. Forward and backward links. Packet size. Reference count for queue element. Per-packet flag bits set; each bit is encoded as a single character: ENSF_PROMISC ENSF_BROADCAST ENSF_MULTICAST ENSF_TRAILER An unknown flag bit is set. Count of packets dropped between the time previous packet was queued and the time this packet was queued. Approximate time this packet was received.
 

FILES

Namelist Default source of tables
 

SEE ALSO

Commands:  netstat(1), pfconfig(8)

Files:  bpf(7), packetfilter(7)


 

Index

NAME
SYNOPSIS
OPTIONS
DESCRIPTION
RESTRICTIONS
OUTPUT FORMAT
AllDescriptors
Filters
QueueElts
FILES
SEE ALSO

This document was created by man2html, using the manual pages.
Time: 02:42:49 GMT, October 02, 2010