-s modifier
Show the filter parameters specified by modifier (may be abbrevi-
ated):
-s nat Show the currently loaded NAT rules.
-s queue Show the currently loaded queue rules. When used
together with -v, per-queue statistics are also
shown. When used together with -v -v, pfctl will
loop and show updated queue statistics every five
seconds, including measured bandwidth and packets
per second.
-s rules Show the currently loaded filter rules. When used
together with -v, the per-rule statistics (number
of evaluations, packets and bytes) are also shown.
Note that the ``skip step'' optimization done
automatically by the kernel will skip evaluation
of rules where possible. Packets passed state-
fully are counted in the rule that created the
state (even though the rule isn't evaluated more
than once for the entire connection).
-s Anchors Show the currently loaded anchors directly
attached to the main ruleset. If -a anchor is
specified as well, the anchors loaded directly
below the given anchor are shown instead. If -v
is specified, all anchors attached under the tar-
get anchor will be displayed recursively.
-s state Show the contents of the state table.
-s Sources Show the contents of the source tracking table.
-s info Show filter information (statistics and counters).
When used together with -v, source tracking sta-
tistics are also shown.
-s labels Show per-rule statistics (label, evaluations,
packets total, bytes total, packets in, bytes in,
packets out, bytes out) of filter rules with
labels, useful for accounting.
-s timeouts Show the current global timeouts.
-s memory Show the current pool memory hard limits.
-s Tables Show the list of tables.
-s osfp Show the list of operating system fingerprints.
-s Interfaces Show the list of interfaces and interface drivers
available to PF. When used together with -v, it
additionally lists which interfaces have skip
rules activated. When used together with -vv,
interface statistics are also shown. -i can be
used to select an interface or a group of inter-
faces.
-s all Show all of the above, except for the lists of
interfaces and operating system fingerprints.
阅读(2621) | 评论(0) | 转发(0) |