===================== ippool http://download.oracle.com/docs/cd/E19082-01/819-2240/ippool-1m/index.html #Read in IP pool configuration information from file and load it into the kernel. ippool -f /etc/ipf/ippool.conf #Display a list of pools of the type: tree loaded in the kernel. ippool -l #Remove an existing data node from a pool in the kernel. ippool -r -m 100 -i 123.123.123.123/32 #Add a new data node to an existing pool in the kernel. ippool -a -m 100 -i 123.123.123.123/32 #Flush loaded pools from the kernel (Empty all) ippool -F ===================== http://www.netbsd.org/docs/network/nsps/config_ipf.html http://www.obfuscation.org/ipf/ipf-howto.html Some Commonly used ipf commands =============================== ipf -E : Enable ipfilter when running : for the first time. : (Needed for ipf on Tru64) ipf -f /etc/ipf/ipf.conf : Load rules in /etc/ipf/ipf.conf file : into the active firewall. ipf -Fa -f /etc/ipf/ipf.conf : Flush all rules, then load rules in : /etc/ipf/ipf.conf into active firwall. ipf -Fi : Flush all input rules. ipf -I -f /etc/ipf/ipf.conf : Load rules in /etc/ipf/ipf.conf file : into inactive firewall. ipf -V : Show version info and active list. ipf -s : Swap active and inactive firewalls. ipfstat : Show summary ipfstat -i : Show input list ipfstat -o : Show output list ipfstat -hio : Show hits against all rules ipfstat -t -T 5 : Monitor the state table and refresh every : 5 seconds. Output is similiar to : 'top' monitoring the process table. ipmon -s S : Watch state table. ipmon -sn : Write logged entries to syslog, and : convert back to hostnames and servicenames. ipmon -s [file] : Write logged entries to some file. ipmon -Ds : Run ipmon as a daemon, and log to : default location. : (/var/adm/messages for Solaris) : (/var/log/syslog for Tru64)