summaryrefslogtreecommitdiff
path: root/usr/src/man/man8/ippool.8
diff options
context:
space:
mode:
Diffstat (limited to 'usr/src/man/man8/ippool.8')
-rw-r--r--usr/src/man/man8/ippool.8352
1 files changed, 352 insertions, 0 deletions
diff --git a/usr/src/man/man8/ippool.8 b/usr/src/man/man8/ippool.8
new file mode 100644
index 0000000000..1f57c3d93b
--- /dev/null
+++ b/usr/src/man/man8/ippool.8
@@ -0,0 +1,352 @@
+'\" te
+.\" To view license terms, attribution, and copyright for IP Filter, the default path is /usr/lib/ipf/IPFILTER.LICENCE. If the Solaris operating environment has been installed anywhere other than the default, modify the given path to access the file at the installed
+.\" location.
+.\" Portions Copyright (c) 2008, Sun Microsystems Inc. All Rights Reserved.
+.\" Portions Copyright (c) 2012, Joyent, Inc. All Rights Reserved.
+.TH IPPOOL 8 "Nov 26, 2012"
+.SH NAME
+ippool \- user interface to the IP Filter pools
+.SH SYNOPSIS
+.LP
+.nf
+\fBippool\fR \fB-a\fR [\fB-dnv\fR] [\fB-G\fR | \fB-z\fR \fIzonename\fR] [\fB-m\fR \fIpoolname\fR] [\fB-o\fR \fIrole\fR] \fB-i\fR \fIipaddr\fR
+ [/\fInetmask\fR]
+.fi
+
+.LP
+.nf
+\fBippool\fR \fB-A\fR [\fB-dnv\fR] [\fB-G\fR | \fB-z\fR \fIzonename\fR] [\fB-m\fR \fIpoolname\fR] [\fB-o\fR \fIrole\fR] [\fB-S\fR \fIseed\fR]
+ [\fB-t\fR \fItype\fR]
+.fi
+
+.LP
+.nf
+\fBippool\fR \fB-f\fR \fIfile\fR [\fB-G\fR | \fB-z\fR \fIzonename\fR] [\fB-dnuv\fR]
+.fi
+
+.LP
+.nf
+\fBippool\fR \fB-F\fR [\fB-dv\fR] [\fB-G\fR | \fB-z\fR \fIzonename\fR] [\fB-o\fR \fIrole\fR] [\fB-t\fR \fItype\fR]
+.fi
+
+.LP
+.nf
+\fBippool\fR \fB-h\fR [\fB-dv\fR] [\fB-G\fR | \fB-z\fR \fIzonename\fR] [\fB-m\fR \fIpoolname\fR] [\fB-t\fR \fItype\fR]
+.fi
+
+.LP
+.nf
+\fBippool\fR \fB-l\fR [\fB-dv\fR] [\fB-G\fR | \fB-z\fR \fIzonename\fR] [\fB-m\fR \fIpoolname\fR] [\fB-t\fR \fItype\fR]
+.fi
+
+.LP
+.nf
+\fBippool\fR \fB-r\fR [\fB-dnv\fR] [\fB-G\fR | \fB-z\fR \fIzonename\fR] [\fB-m\fR \fIpoolname\fR] [\fB-o\fR \fIrole\fR] \fB-i\fR \fIipaddr\fR
+ [/\fInetmask\fR]
+.fi
+
+.LP
+.nf
+\fBippool\fR \fB-R\fR [\fB-dnv\fR] [\fB-G\fR | \fB-z\fR \fIzonename\fR] [\fB-m\fR \fIpoolname\fR] [\fB-o\fR \fIrole\fR] [\fB-t\fR \fItype\fR]
+.fi
+
+.LP
+.nf
+\fBippool\fR \fB-s\fR [\fB-dtv\fR] [\fB-G\fR | \fB-z\fR \fIzonename\fR] [\fB-M\fR \fIcore\fR] [\fB-N\fR \fInamelist\fR]
+.fi
+
+.SH DESCRIPTION
+.LP
+The \fBippool\fR utility is used to manage information stored in the IP pools
+subsystem of IP Filter software. Configuration file information can be parsed
+and loaded into the kernel and currently configured pools can be removed,
+changed, or inspected.
+.sp
+.LP
+\fBippool\fR's use is restricted through access to \fB/dev/ippool\fR. The
+default permissions of \fB/dev/ippool\fR require \fBippool\fR to be run as root
+for all operations.
+.sp
+.LP
+The command line options used are divided into two sections: the global options
+and the instance-specific options.
+.sp
+.LP
+\fBippool\fR's use is restricted through access to \fB/dev/ipauth\fR,
+\fB/dev/ipl\fR, and \fB/dev/ipstate\fR. The default permissions of these files
+require \fBippool\fR to be run as root for all operations.
+.SH OPTIONS
+.LP
+\fBippool\fR supports the option categories described below.
+.SS "Global Options"
+.LP
+The following global options are supported:
+.sp
+.ne 2
+.na
+\fB\fB-d\fR\fR
+.ad
+.RS 6n
+Toggle debugging of processing the configuration file.
+.RE
+
+.sp
+.ne 2
+.na
+\fB\fB-n\fR\fR
+.ad
+.RS 6n
+Prevents \fBippool\fR from doing anything, such as making ioctl calls, that
+would alter the currently running kernel.
+.RE
+
+.sp
+.ne 2
+.na
+\fB\fB-v\fR\fR
+.ad
+.RS 6n
+Turn verbose mode on.
+.RE
+
+.sp
+.ne 2
+.na
+\fB\fB-z\fR \fIzonename\fR\fR
+.ad
+.RS 6n
+Manage the specified zone's in-zone IP pools. If neither this option nor
+\fB-G\fR is specified, the current zone is used. This command is only
+available in the Global Zone. See \fBZONES\fR in \fBipf\fR(8) for more
+information.
+.RE
+
+.sp
+.ne 2
+.na
+\fB\fB-G\fR \fIzonename\fR\fR
+.ad
+.RS 6n
+Manage the specified zone's global zone controlled IP pools. If neither this
+option nor \fB-z\fR is specified, the current zone is used. This command is
+only available in the Global Zone. See \fBZONES\fR in \fBipf\fR(8) for more
+information.
+.RE
+
+.SS "Instance-Specific Options"
+.LP
+The following instance-specific options are supported:
+.sp
+.ne 2
+.na
+\fB\fB-a\fR\fR
+.ad
+.RS 11n
+Add a new data node to an existing pool in the kernel.
+.RE
+
+.sp
+.ne 2
+.na
+\fB\fB-A\fR\fR
+.ad
+.RS 11n
+Add a new (empty) pool to the kernel.
+.RE
+
+.sp
+.ne 2
+.na
+\fB\fB-f\fR \fIfile\fR\fR
+.ad
+.RS 11n
+Read in IP pool configuration information from \fIfile\fR and load it into the
+kernel.
+.RE
+
+.sp
+.ne 2
+.na
+\fB\fB-F\fR\fR
+.ad
+.RS 11n
+Flush loaded pools from the kernel.
+.RE
+
+.sp
+.ne 2
+.na
+\fB\fB-h\fR\fR
+.ad
+.RS 11n
+Display a list of pools of the type: hash loaded in the kernel.
+.RE
+
+.sp
+.ne 2
+.na
+\fB\fB-l\fR\fR
+.ad
+.RS 11n
+Display a list of pools of the type: tree loaded in the kernel.
+.RE
+
+.sp
+.ne 2
+.na
+\fB\fB-r\fR\fR
+.ad
+.RS 11n
+Remove an existing data node from a pool in the kernel.
+.RE
+
+.sp
+.ne 2
+.na
+\fB\fB-R\fR\fR
+.ad
+.RS 11n
+Remove an existing pool from within the kernel.
+.RE
+
+.sp
+.ne 2
+.na
+\fB\fB-s\fR\fR
+.ad
+.RS 11n
+Display IP pool statistical information.
+.RE
+
+.SS "Other Options"
+.LP
+The following, additional options are supported:
+.sp
+.ne 2
+.na
+\fB\fB-i\fR \fIipaddr\fR[/\fInetmask\fR]\fR
+.ad
+.RS 23n
+Sets the IP address for the operation being undertaken with an all-one's mask
+or, optionally, a specific netmask, given in either dotted-quad notation or as
+a single integer.
+.RE
+
+.sp
+.ne 2
+.na
+\fB\fB-m\fR \fIpoolname\fR\fR
+.ad
+.RS 23n
+Sets the pool name for the current operation.
+.RE
+
+.sp
+.ne 2
+.na
+\fB\fB-M\fR \fIcore\fR\fR
+.ad
+.RS 23n
+Specify an alternative path to \fB/dev/kmem\fR from which to retrieve
+statistical information.
+.RE
+
+.sp
+.ne 2
+.na
+\fB\fB-N\fR \fInamelist\fR\fR
+.ad
+.RS 23n
+Specify an alternative path to lookup symbol name information when retrieving
+statistical information.
+.RE
+
+.sp
+.ne 2
+.na
+\fB\fB-o\fR \fIrole\fR\fR
+.ad
+.RS 23n
+Sets the role with which this pool is to be used. Currently only \fBipf\fR,
+\fBauth\fR, and \fBcount\fR are accepted as arguments to this option.
+.RE
+
+.sp
+.ne 2
+.na
+\fB\fB-S\fR \fIseed\fR\fR
+.ad
+.RS 23n
+Sets the hashing seed to the number specified. For use with hash-type pools
+only.
+.RE
+
+.sp
+.ne 2
+.na
+\fB\fB-t\fR \fItype\fR\fR
+.ad
+.RS 23n
+Sets the type of pool being defined. Must be one of \fBpool\fR, \fBhash\fR, or
+\fBgroup-map\fR.
+.RE
+
+.sp
+.ne 2
+.na
+\fB\fB-u\fR\fR
+.ad
+.RS 23n
+When parsing a configuration file, rather than load new pool data into the
+kernel, unload it.
+.RE
+
+.SH FILES
+.ne 2
+.na
+\fB\fB/dev/ippool\fR\fR
+.ad
+.RS 24n
+Link to IP Filter pseudo device.
+.RE
+
+.sp
+.ne 2
+.na
+\fB\fB/dev/kmem\fR\fR
+.ad
+.RS 24n
+Special file that provides access to virtual address space.
+.RE
+
+.sp
+.ne 2
+.na
+\fB\fB/etc/ipf/ippool.conf\fR\fR
+.ad
+.RS 24n
+Location of \fBippool\fR startup configuration file.
+.RE
+
+.SH ATTRIBUTES
+.LP
+See \fBattributes\fR(7) for descriptions of the following attributes:
+.sp
+
+.sp
+.TS
+box;
+c | c
+l | l .
+ATTRIBUTE TYPE ATTRIBUTE VALUE
+_
+Interface Stability Committed
+.TE
+
+.SH SEE ALSO
+.LP
+.BR ippool (5),
+.BR attributes (7),
+.BR zones (7),
+.BR ipf (8),
+.BR ipfstat (8)
generated by cgit v1.2.3 (git 2.46.0) at 2025-12-16 20:29:45 +0000