unixdev.net


Switch to SpeakEasy.net DSL

The Modular Manual Browser

Home Page
Manual: (NetBSD-6.1.5)
Page:
Section:
Apropos / Subsearch:
optional field

IPMON(5)                      File Formats Manual                     IPMON(5)



NAME
       ipmon, ipmon.conf - ipmon configuration file format

DESCRIPTION
       The format for files accepted by ipmon is described by the following
       grammar:

       "match" "{" matchlist "}" "do" "{" doing "}" ";"

       matchlist ::= matching [ "," matching ] .
       matching  ::= direction | dstip | dstport | every | group | interface |
                     logtag | nattag | protocol | result | rule | srcip | srcport .

       dolist ::= doing [ "," doing ] .
       doing  ::= execute | save | syslog .

       direction ::= "in" | "out" .
       dstip     ::= "dstip" "=" ipv4 "/" number .
       dstport   ::= "dstport" "=" number .
       every     ::= "every" every-options .
       execute   ::= "execute" "=" string .
       group     ::= "group" "=" string | "group" "=" number .
       interface ::= "interface" "=" string .
       logtag    ::= "logtag" "=" string | "logtag" "=" number .
       nattag    ::= "nattag" "=" string .
       protocol  ::= "protocol" "=" string | "protocol" "=" number .
       result    ::= "result" "=" result-option .
       rule      ::= "rule" "=" number .
       srcip     ::= "srcip" "=" ipv4 "/" number .
       srcport   ::= "srcport" "=" number .
       type      ::= "type" "=" ipftype .
       ipv4      ::= number "." number "." number "." number .

       every-options ::= "second" | number "seconds" | "packet" | number "packets" .
       result-option ::= "pass" | "block" | "short" | "nomatch" | "log" .
       ipftype ::= "ipf" | "nat" | "state" .


       In addition, lines that start with a # are considered to be comments.

OVERVIEW
       The ipmon configuration file is used for defining rules to be executed
       when logging records are read from /dev/ipl.

       At present, only IPv4 matching is available for source/destination
       address matching.

MATCHING
       Each rule for ipmon consists of two primary segments: the first
       describes how the log record is to be matched, the second defines what
       action to take if there is a positive match.  All entries of the rules
       present in the file are compared for matches - there is no first or
       last rule match.

FILES
       /dev/ipl
       /dev/ipf
       /dev/ipnat
       /dev/ipstate
       /etc/ipmon.conf

SEE ALSO
       ipmon(8), ipl(4)



                                                                      IPMON(5)