Search all pages
Professions, Sciences, Humanities, Business, ...
Text-based, GUI, Audio, Video, Keyboards, Mouse, Images,...
Conversions, tests, processing, manipulation,...
Integer, Floating point, Matrix, Statistics, Boolean, ...
Algorithms, Memory, Process control, Debugging, ...
Data storage, Integrity, Encryption, Compression, ...
Networks, protocols, Interprocess, Remote, Client Server, ...
Timing, Calendar and Clock, Audio, Video, Printer, Controls...
Management, Filtering, File & Directory access, Viewers, ...
RocketLink!--> Man page versions:
IPFTEST(1) OpenBSD Reference Manual IPFTEST(1)
ipftest - test packet filter rules with arbitrary input
ipftest [-vbdPSTEHX] [-I interface] -r filename [-i filename]
With ipftest operators can see the effects of an ipf filter ruleset on
test packets, rather than having to observe the effects of the ruleset on
live traffic. This can reduce the disruptions experienced during the de-
velopment and refinement of secure IP environments.
ipftest reads test packets from stdin or the file specified by the -i op-
tion, applies the ruleset specified by the -r option to each, and gener-
ates information about the effect of the ruleset on each packet to
Captured or handcrafted packets to be tested can be supplied in a variety
of formats. See the options -P, -S, -T, -H and -E for details. In addi-
tion the -X option gives ipftest the ability to use its own text descrip-
tion format to generate ``fake'' packets. The format used is:
in|out on if [tcp|udp|icmp] srchost [, port] dsthost [, port] [-FSRPAU]
This allows for input or output ICMP, TCP, or UDP packets to be generated
for any interface. For TCP or UDP it allows the specification of source
and destination ports. For TCP it allows the specification of TCP flags.
Some examples are:
# a UDP packet coming in on le0
in on le0 udp 10.1.1.1,2210 10.2.1.5,23
# an IP packet coming in on le0 from localhost - hmm :)
in on le0 localhost 10.4.12.1
# a TCP packet going out of le0 with the SYN flag set.
out on le0 tcp 10.4.12.1,2245 10.1.1.1,23 S
The following options are available:
-v Verbose mode. This provides more information about which
parts of rule matching the packet passes and fails.
-d Turn on filter rule debugging. Currently, this only shows
what caused the rule to not match in the IP header checking
-b Cause the output to be a one word description of the result
of passing the packet through the filter: pass, block or no-
match. This is used in the regression testing.
Set the interface name (used in rule matching) to be the name
supplied. This is useful with the -P, -S and -E options,
where it is not otherwise possible to associate a packet with
an interface. Normal ``text packets'' can override this set-
-P The input file is in the binary format produced using libpcap
(i.e., tcpdump version 3). Packets are read from this file
as being input (for rule purposes). An interface may be
specified using -I.
-S The input file is in ``snoop'' format (see RFC 1761). Pack-
ets are read from this file and used as input from any inter-
face. This is perhaps the most useful input type, currently.
-T The input file is text output from tcpdump. The text formats
which are currently supported are those which result from the
following tcpdump option combinations:
-H The input file is hex digits, representing the binary makeup
of the packets. No length correction is made if an incorrect
length is put in the IP header.
-X The input file is composed of text descriptions of IP pack-
-E The input file is text output from etherfind. The text for-
mats which are currently supported are those which result
from the following etherfind option combinations:
etherfind -n -t
Specify the filename from which to take input. Default is
Specify the filename from which to read filter rules.
snoop(1m), ipf(5), ipf(8), tcpdump(8), etherfind(8c)
Not all of the input formats are capable of introducing a wide enough va-
riety of packets to be useful in testing.
OpenBSD 2.6 May 23, 1999 2
Source: OpenBSD 2.6 man pages. Copyright: Portions are copyrighted by BERKELEY
SOFTWARE DESIGN, INC., The Regents of the University of California, Massachusetts
Institute of Technology, Free Software Foundation, FreeBSD Inc., and others.
(Corrections, notes, and links courtesy of RocketAware.com)
FreeBSD Sources for ipftest(1)
OpenBSD sources for ipftest(1)
Up to: Socket and I/O Operations - socket() and related functions.
RocketLink!--> Man page versions:
Search | About | Comments | Submit Path: RocketAware >
RocketAware.com is a service of Mib Software
Copyright 1999, Forrest J. Cavalier III. All Rights Reserved.
We welcome submissions and comments