Subject: bin/5466: ipf.8 looks bogus (to me)
To: None <gnats-bugs@gnats.netbsd.org>
From: Heiko W.Rupp <hwr@pilhuhn.de>
List: netbsd-bugs
Date: 05/19/1998 21:38:45
>Number: 5466
>Category: bin
>Synopsis: ipf.8 looks bogus (to me)
>Confidential: no
>Severity: non-critical
>Priority: low
>Responsible: bin-bug-people (Utility Bug People)
>State: open
>Class: doc-bug
>Submitter-Id: net
>Arrival-Date: Tue May 19 12:50:01 1998
>Last-Modified:
>Originator: Heiko W.Rupp
>Organization:
private
>Release: NetBSD 1.3.1
>Environment:
System: NetBSD snert 1.3.1 NetBSD 1.3.1 (SNERT) #9: Tue May 19 18:33:06 MEST 1998 hwr@snert:/homes/hwr/sys/arch/i386/compile/SNERT i386
>Description:
The comment under -F <i|o|a> looks bogus.
>How-To-Repeat:
man 8 ipf
[...]
-F <i|o|a>
Use of the -l flag toggles default logging of pack-
ets. Valid arguments to this option are pass,
block and nomatch. When an option is set, any
>Fix:
*** ipf.8,1 Tue Nov 25 14:50:31 1997
--- ipf.8 Tue May 19 21:35:04 1998
***************
*** 43,55 ****
.B \-E
Enable the filter (if disabled). Not effective for loadable kernel versions.
.TP
! .BR \-F \0<param>
This option specifies which filter list to flush. The parameter should
either be "i" (input), "o" (output) or "a" (remove all filter rules).
Either a single letter or an entire word starting with the appropriate
letter maybe used. This option maybe before, or after, any other with
the order on the command line being that used to execute options.
.TP
.BR \-f \0<filename>
This option specifies which files
\fBipf\fP should use to get input from for modifying the packet filter rule
--- 43,62 ----
.B \-E
Enable the filter (if disabled). Not effective for loadable kernel versions.
.TP
! .BR \-F \0<i|o|a>
This option specifies which filter list to flush. The parameter should
either be "i" (input), "o" (output) or "a" (remove all filter rules).
Either a single letter or an entire word starting with the appropriate
letter maybe used. This option maybe before, or after, any other with
the order on the command line being that used to execute options.
.TP
+ .BR \-F \0<s|S>
+ To flush entries from the state table, the \fB-F\fP option is used in
+ conjuction with either "s" (removes state information about any non-fully
+ established connections) or "S" (deletes the entire state table). Only
+ one of the two options may be given. A fully established connection
+ will show up in \fBipfstat -s\fP output as 4/4, with deviations either
+ .TP
.BR \-f \0<filename>
This option specifies which files
\fBipf\fP should use to get input from for modifying the packet filter rule
***************
*** 58,76 ****
.B \-I
Set the list to make changes to the inactive list.
.TP
! .BR \-F \0<i|o|a>
Use of the \fB-l\fP flag toggles default logging of packets. Valid
arguments to this option are \fBpass\fP, \fBblock\fP and \fBnomatch\fP.
When an option is set, any packet which exits filtering and matches the
set category is logged. This is most useful for causing all packets
which don't match any of the loaded rules to be logged.
- .TP
- .BR \-F \0<s|S>
- To flush entries from the state table, the \fB-F\fP option is used in
- conjuction with either "s" (removes state information about any non-fully
- established connections) or "S" (deletes the entire state table). Only
- one of the two options may be given. A fully established connection
- will show up in \fBipfstat -s\fP output as 4/4, with deviations either
.TP
.B \-n
This flag (no-change) prevents \fBipf\fP from actually making any ioctl
--- 65,76 ----
.B \-I
Set the list to make changes to the inactive list.
.TP
! .BR \-l \0<pass|block|nomatch>
Use of the \fB-l\fP flag toggles default logging of packets. Valid
arguments to this option are \fBpass\fP, \fBblock\fP and \fBnomatch\fP.
When an option is set, any packet which exits filtering and matches the
set category is logged. This is most useful for causing all packets
which don't match any of the loaded rules to be logged.
.TP
.B \-n
This flag (no-change) prevents \fBipf\fP from actually making any ioctl
>Audit-Trail:
>Unformatted: