5 ipf, 1 ipf view – Draytek Telnet Command 1.11 User Manual

Telnet Command Reference Guide V1.1

28

2.5 ipf

This command allows users to view the version of the IP filter, to view/set the log flag, to view
the running IP filter rules.

2.5.1 ipf view

ipf [-VzZ][-1 block]

ipf [-VzZ][-1 pass]

ipf [-VzZ][-1 nomatch]

ipf [-VzZ][-1 none]

ipf view [-cdfhrtz]

Syntax Description

V

It means to show the version of this IP filter.

z

It means to clear a filter rule’s statistics.

Z

It means to clear IP filter’s gross statistics.

-1

It means to set the log flag.

block

It means to log the packet which will be blocked by IP filter.

pass

It means to log the packet that passes through IP filter.

nomatch

It means to log the packet that doesn't match any rule in IP filter.

none

It means logging or not depends on filter rule setting.

-c

It means to show the running call filter rules.

-d

It means to show the running data filter rules.

-f

It means to show IP fragment states.

-h

It means to show the hit-number of the filter rules.

-r

It means to show the running call and data filter rules.

-t

It means to display to the end.

-z

It means to clear the statistics of IP filter rules.

Example

>ipf –V -1 pass

Ipf: IP Filter: v3.3.1 <416>

Kernel: IP Filter: v3.3.1

Running: yes

Log Flags: 0x0 = none set

Default: pass all, Logging: available

>ipf view –c

------ Call Filter Rules ------

[Set 1 Rule 1]

Schedule:

Source IP : any

Destination IP: any

Service Type: TCP/UDP port from 137-139 to any

Fragments: Don’t Care

Action: Block immediately