pfctl.8 - OpenGrok cross reference for /freebsd/sbin/pfctl/pfctl.8

Lines Matching +full:host +full:- +full:id
35 .Bk -words
43 .Op Fl K Ar host | network
46 .Ar host | network | label | id | gateway | nat
68 network interfaces entering or leaving the host based on filter
111 .Bl -tag -width Ds
150 .Bd -literal -offset indent
151 # pfctl -a "authpf/smith(1234)" -s rules
158 .Bd -literal -offset indent
159 # pfctl -a foo/bar -t mytable -T add 1.2.3.4 5.6.7.8
180 .Bd -literal -offset indent
181 # pfctl -a 'authpf/*' -sr
187 .Bd -literal -offset indent
188 # pfctl -a '*' -sr
208 .Bl -tag -width xxxxxxxxxxxx -compact
246 .It Fl K Ar host | network
248 .Ar host
252 .Fl K Ar host
256 entries from the first host/network to the second.
259 .Ar host | network | label | id | gateway | nat
262 .Ar host ,
265 .Ar id ,
271 .Dq host :
273 .Dl # pfctl -k host
276 .Fl k Ar host
280 from the first host/network to the second.
286 .Dl # pfctl -k host1 -k host2
290 .Dl # pfctl -k 192.168.1.0/24 -k 172.16.0.0/16
296 .Dl # pfctl -k 0.0.0.0/0 -k host2
298 It is also possible to kill states by rule label or state ID.
307 .Dl # pfctl -k label -k foobar
309 To kill one specific state by its unique state ID
310 (as shown by pfctl -s state -vv),
312 .Ar id
313 modifier and as a second argument the state ID and optional creator ID.
314 To kill a state with ID 4823e84500000003 use:
316 .Dl # pfctl -k id -k 4823e84500000003
318 To kill a state with ID 4823e84500000018 created from a backup
321 .Dl # pfctl -k id -k 4823e84500000018/2
323 It is also possible to kill states created from a rule with the route-to/reply-to
325 Note that rules routing via the default routing table (not via a route-to
329 .Dl # pfctl -k gateway -k 192.168.0.1
334 .Dl # pfctl -k gateway -k 192.168.0.0/24
336 States can also be killed based on their pre-NAT address:
338 .Dl # pfctl -k nat -k 192.168.0.1
343 This applies to states killed using the -k option and also will apply to the
348 .Dl # pfctl -M -i interface -Fs
354 .Bd -literal -offset indent
355 # echo "set loginterface fxp0" | pfctl -mf -
368 .Bl -tag -width xxxxxxxxxxxx -compact
399 .Bl -tag -width xxxxxxxxxxxxx -compact
406 per-queue statistics are also shown.
416 the per-rule statistics (number of evaluations,
422 the per-rule statistics (number of evaluations,
452 Show the running status and provide a non-zero exit status when disabled.
454 Show per-rule statistics (label, evaluations, packets total, bytes total,
485 .Bl -tag -width xxxxxxxxxxxx -compact
517 .Bd -literal -offset indent
518 # pfctl -Tl -f pf.conf
545 .Bl -tag -width XXX -compact
578 .Bd -literal -offset indent
580     pass out to <test>\en" | pfctl -f-
581 # ping -qc10 ftp.openbsd.org
591 .Bd -literal -offset indent
592 # pfctl -t test -vTshow
611 .Bd -literal -offset indent
612 # pfctl -vvsTables
613 --a-r-C test
626 As we can see here, only one packet \- the initial ping request \- matched the
647 .Bl -tag -width XXX -compact
674 This flag is set when per-address counters are enabled on the table.
689 .Bl -tag -width xxxxxxxxxxxx -compact
700 Clear per-rule statistics.
703 .Bl -tag -width "/etc/pf.conf" -compact
717 .Xr ftp-proxy 8 ,