System Administration Commands ippool(1M)
NAME
ippool - user interface to the IP Filter pools
SYNOPSIS
ippool -a [-dnv] [-m poolname] [-o role] -i ipaddr
[/netmask]ippool -A [-dnv] [-m poolname] [-o role] [-S seed]
[-t type]
ippool -f file [-dnuv]
ippool -F [-dv] [-o role] [-t type]
ippool -h [-dv] [-m poolname] [-t type]
ippool -l [-dv] [-m poolname] [-t type]
ippool -r [-dnv] [-m poolname] [-o role] -i ipaddr
[/netmask]ippool -R [-dnv] [-m poolname] [-o role] [-t type]
ippool -s [-dtv] [-M core] [-N namelist]
DESCRIPTION
The ippool utility is used to manage information stored in
the IP pools subsystem of IP Filter software. Configuration file information can be parsed and loaded into the kernel and currently configured pools can be removed, changed, or inspected.ippool's use is restricted through access to /dev/ippool.
The default permissions of /dev/ippool require ippool to be
run as root for all operations. The command line options used are divided into two sections:the global options and the instance-specific options.
SunOS 5.11 Last change: 3 Apr 2008 1
System Administration Commands ippool(1M)
ippool's use is restricted through access to /dev/ipauth,
/dev/ipl, and /dev/ipstate. The default permissions of thesefiles require ippool to be run as root for all operations.
OPTIONSippool supports the option categories described below.
Global Options The following global options are supported:-d Toggle debugging of processing the configuration file.
-n Prevents ippool from doing anything, such as making
ioctl calls, that would alter the currently running kernel.-v Turn verbose mode on.
Instance-Specific Options
The following instance-specific options are supported:
-a Add a new data node to an existing pool in the
kernel.-A Add a new (empty) pool to the kernel.
-f file Read in IP pool configuration information from
file and load it into the kernel.-F Flush loaded pools from the kernel.
-h Display a list of pools of the type: hash loaded
in the kernel.-l Display a list of pools of the type: tree loaded
in the kernel.-r Remove an existing data node from a pool in the
kernel.-R Remove an existing pool from within the kernel.
SunOS 5.11 Last change: 3 Apr 2008 2
System Administration Commands ippool(1M)
-s Display IP pool statistical information.
Other Options The following, additional options are supported:-i ipaddr[/netmask] Sets the IP address for the operation
being undertaken with an all-one's
mask or, optionally, a specific net-
mask, given in either dotted-quad
notation or as a single integer.-m poolname Sets the pool name for the current
operation.-M core Specify an alternative path to
/dev/kmem from which to retrieve sta-
tistical information.-N namelist Specify an alternative path to lookup
symbol name information when retriev-
ing statistical information.-o role Sets the role with which this pool is
to be used. Currently only ipf, auth, and count are accepted as arguments to this option.-S seed Sets the hashing seed to the number
specified. For use with hash-type
pools only.-t type Sets the type of pool being defined.
Must be one of pool, hash, or group-
map.-u When parsing a configuration file,
rather than load new pool data into the kernel, unload it. FILES/dev/ippool Link to IP Filter pseudo device.
SunOS 5.11 Last change: 3 Apr 2008 3
System Administration Commands ippool(1M)
/dev/kmem Special file that provides access to virtual address space./etc/ipf/ippool.conf Location of ippool startup confi-
guration file.ATTRIBUTES
See attributes(5) for descriptions of the following attri-
butes:____________________________________________________________
| ATTRIBUTE TYPE | ATTRIBUTE VALUE |
|_____________________________|_____________________________|
| Availability | network/ipfilter ||_____________________________|_____________________________|
| Interface Stability | Committed ||_____________________________|_____________________________|
SEE ALSO
ipf(1M), ipfstat(1M), ippool(4), attributes(5)
SunOS 5.11 Last change: 3 Apr 2008 4