2.5 ipf

This command allows users to view the version of the IP filter, to view/set the log flag, to view the running IP filter rules.

2.5.1 ipf view

ipf [-VzZ][-1 block] ipf [-VzZ][-1 pass] ipf [-VzZ][-1 nomatch] ipf [-VzZ][-1 none] ipf view [-cdfhrtz]

Syntax Description

 

V

It means to show the version of this IP filter.

z

It means to clear a filter rule’s statistics.

Z

It means to clear IP filter’s gross statistics.

-1

It means to set the log flag.

block

It means to log the packet which will be blocked by IP filter.

pass

It means to log the packet that passes through IP filter.

nomatch

It means to log the packet that doesn't match any rule in IP filter.

none

It means logging or not depends on filter rule setting.

-c

It means to show the running call filter rules.

-d

It means to show the running data filter rules.

-f

It means to show IP fragment states.

-h

It means to show the hit-number of the filter rules.

-r

It means to show the running call and data filter rules.

-t

It means to display to the end.

-z

It means to clear the statistics of IP filter rules.

Example

 

>ipf –V -1 pass

 

 

Ipf: IP Filter: v3.3.1 <416>

 

 

Kernel: IP Filter: v3.3.1

 

 

Running: yes

 

 

Log Flags: 0x0 = none set

 

 

Default: pass all, Logging: available

 

 

>ipf view –c

 

 

------ Call Filter Rules ------

 

 

[Set 1 Rule 1]

 

 

Schedule:

 

 

Source IP : any

 

 

Destination IP: any

 

 

Service Type: TCP/UDP port from 137-139 to any

 

 

Fragments: Don’t Care

 

 

Action: Block immediately

 

28

Telnet Command Reference Guide V1.1

Page 33 Page 35
Page 34
Image 34
Draytek 1.11 manual Ipf view
Page 33 Page 35
Top Page Image Contents