icon Top 9 categories map      RocketAware > man pages >


Tips: Browse or Search all pages for efficient awareness of more than 6000 of the most popular reusable and open source applications, functions, libraries, and FAQs.

The "RKT couplings" below include links to source code, updates, additional information, advice, FAQs, and overviews.


Search all pages


By activity
Professions, Sciences, Humanities, Business, ...

User Interface
Text-based, GUI, Audio, Video, Keyboards, Mouse, Images,...

Text Strings
Conversions, tests, processing, manipulation,...

Integer, Floating point, Matrix, Statistics, Boolean, ...

Algorithms, Memory, Process control, Debugging, ...

Stored Data
Data storage, Integrity, Encryption, Compression, ...

Networks, protocols, Interprocess, Remote, Client Server, ...

Hard World
Timing, Calendar and Clock, Audio, Video, Printer, Controls...

File System
Management, Filtering, File & Directory access, Viewers, ...


RocketLink!--> Man page versions: OpenBSD FreeBSD NetBSD Others

ipmon(8)                                                 ipmon(8)

       ipmon - monitors /dev/ipl for logged packets

       ipmon  [  -aFhnstvxX  ]  [  -o  [NSI]  ] [ -O [NSI] ] [ -N
       <device> ] [ -S <device> ] [ -f <device> ] [ <filename> ]

       ipmon opens /dev/ipl for reading and  awaits  data  to  be
       saved  from  the packet filter.  The binary data read from
       the device is reprinted in human  readable  for,  however,
       IP#'s  are  not  mapped  back  to hostnames, nor are ports
       mapped back to service names.  The output goes to standard
       output  by  default or a filename, if given on the command
       line.  Should the -s option be  used,  output  is  instead
       sent  to  syslogd(8).   Messages  sent via syslog have the
       day, month and year removed from the message, but the time
       (including microseconds), as recorded in the log, is still

       -a     Open all of the device  logfiles  for  reading  log
              entries  from.   All  entries  are displayed to the
              same output 'device' (stderr or syslog).

       -f <device>
              specify an alternative device/file  from  which  to
              read  the  log information for normal IP Filter log

       -F     Flush the current packet log buffer.  The number of
              bytes  flushed is displayed, even should the result
              be zero.

       -N <device>
              Set the logfile to be opened for  reading  NAT  log
              records from to <device>.

       -n     IP addresses and port numbers will be mapped, where
              possible, back into hostnames and service names.

       -N <device>
              Set the logfile to be opened for  reading  NAT  log
              records from to <device>.

       -o     Specify which log files to actually read data from.
              N - NAT logfile, S - State logfile, I -  normal  IP
              Filter  logfile.   The  -a  option is equivalent to
              using -o NSI.

       -O     Specify which log files you do  not  wish  to  read
              from.   This  is  most  sensibly  used with the -a.
              Letters available as paramters to this are the same
              as for -o.


ipmon(8)                                                 ipmon(8)

       -s     Packet  information  read  in  will be sent through
              syslogd rather than saved to a file.  The following
              levels are used:

       -S <device>
              Set  the logfile to be opened for reading state log
              records from to <device>.

              - packets logged using the  "log"  keyword  as  the
              action rather than pass or block.

              LOG_NOTICE - packets logged which are also passed

              LOG_WARNING - packets logged which are also blocked

              LOG_ERR - packets which have been logged and  which
              can be considered "short".

       -S     Treat  the  logfile  as being composed of state log

       -t     read the input file/device  in  a  manner  akin  to

       -x     show the packet data in hex.

       -X     show the log header record data in hex.

       ipmon expects data that it reads to be consistent with how
       it should be saved and will abort if it fails an assertion
       which detects an anomaly in the recorded data.


       ipf(8), ipfstat(8)



Source: OpenBSD 2.6 man pages. Copyright: Portions are copyrighted by BERKELEY
SOFTWARE DESIGN, INC., The Regents of the University of California, Massachusetts
Institute of Technology, Free Software Foundation, FreeBSD Inc., and others.

(Corrections, notes, and links courtesy of RocketAware.com)

[Detailed Topics]
FreeBSD Sources for ipmon(8)
OpenBSD sources for ipmon(8)

[Overview Topics]

Up to: Communication and Network Monitoring - status reporting, logging, et al

RocketLink!--> Man page versions: OpenBSD FreeBSD NetBSD Others

Rapid-Links: Search | About | Comments | Submit Path: RocketAware > man pages > ipmon.8/
RocketAware.com is a service of Mib Software
Copyright 1999, Forrest J. Cavalier III. All Rights Reserved.
We welcome submissions and comments