Tribblix: manual page: ippool.8

IPPOOL(8) Maintenance Commands and Procedures IPPOOL(8)

NAME

ippool - user interface to the IP Filter pools

SYNOPSIS

ippool -a [-dnv] [-G | -z zonename] [-m poolname] [-o role] -i ipaddr
[/netmask]

ippool -A [-dnv] [-G | -z zonename] [-m poolname] [-o role] [-S seed]
[-t type]

ippool -f file [-G | -z zonename] [-dnuv]

ippool -F [-dv] [-G | -z zonename] [-o role] [-t type]

ippool -h [-dv] [-G | -z zonename] [-m poolname] [-t type]

ippool -l [-dv] [-G | -z zonename] [-m poolname] [-t type]

ippool -r [-dnv] [-G | -z zonename] [-m poolname] [-o role] -i ipaddr
[/netmask]

ippool -R [-dnv] [-G | -z zonename] [-m poolname] [-o role] [-t type]

ippool -s [-dtv] [-G | -z zonename] [-M core] [-N namelist]

DESCRIPTION

The ippool utility is used to manage information stored in the IP
pools subsystem of IP Filter software. Configuration file information
can be parsed and loaded into the kernel and currently configured
pools can be removed, changed, or inspected.

ippool's use is restricted through access to /dev/ippool. The default
permissions of /dev/ippool require ippool to be run as root for all
operations.

The command line options used are divided into two sections: the
global options and the instance-specific options.

ippool's use is restricted through access to /dev/ipauth, /dev/ipl,
and /dev/ipstate. The default permissions of these files require
ippool to be run as root for all operations.

OPTIONS

ippool supports the option categories described below.

Global Options

The following global options are supported:

-d
Toggle debugging of processing the configuration file.

-n
Prevents ippool from doing anything, such as making ioctl
calls, that would alter the currently running kernel.

-v
Turn verbose mode on.

-z zonename
Manage the specified zone's in-zone IP pools. If neither this
option nor -G is specified, the current zone is used. This
command is only available in the Global Zone. See ZONES in
ipf(8) for more information.

-G zonename
Manage the specified zone's global zone controlled IP pools. If
neither this option nor -z is specified, the current zone is
used. This command is only available in the Global Zone. See
ZONES in ipf(8) for more information.

Instance-Specific Options
The following instance-specific options are supported:

-a
Add a new data node to an existing pool in the kernel.

-A
Add a new (empty) pool to the kernel.

-f file
Read in IP pool configuration information from file and
load it into the kernel.

-F
Flush loaded pools from the kernel.

-h
Display a list of pools of the type: hash loaded in the
kernel.

-l
Display a list of pools of the type: tree loaded in the
kernel.

-r
Remove an existing data node from a pool in the kernel.

-R
Remove an existing pool from within the kernel.

-s
Display IP pool statistical information.

Other Options

The following, additional options are supported:

-i ipaddr[/netmask]
Sets the IP address for the operation being
undertaken with an all-one's mask or,
optionally, a specific netmask, given in
either dotted-quad notation or as a single
integer.

-m poolname
Sets the pool name for the current operation.

-M core
Specify an alternative path to /dev/kmem from
which to retrieve statistical information.

-N namelist
Specify an alternative path to lookup symbol
name information when retrieving statistical
information.

-o role
Sets the role with which this pool is to be
used. Currently only ipf, auth, and count are
accepted as arguments to this option.

-S seed
Sets the hashing seed to the number specified.
For use with hash-type pools only.

-t type
Sets the type of pool being defined. Must be
one of pool, hash, or group-map.

-u
When parsing a configuration file, rather than
load new pool data into the kernel, unload it.

FILES

/dev/ippool
Link to IP Filter pseudo device.

/dev/kmem
Special file that provides access to virtual
address space.

/etc/ipf/ippool.conf
Location of ippool startup configuration
file.

ATTRIBUTES