pfstat(1) — Commands
NAME
pfstat − Print packet filter status information
SYNOPSIS
/usr/bin/pfstat [options] [system]
OPTIONS
If no options are given, then all are assumed (except for the verbose option, −v).
cCounts. Displays various counts (per ethernet unit) including number of packets sent and received, the number of packets dropped due to full input queues, the number of packets not wanted by any filter, and the number of packets missed by the interface.
dDescriptors. Displays OpenDescriptors for each minor device.
fFilters. Displays packet filters for each minor device.
pParameters. Displays device parameters including device type, header and address lengths, maximum transmission units (MTU), and interface and broadcast addresses.
qQueueElements. Displays the QueueElements.
sScavenger. Displays the FreeQueue and Scavenger statistics.
vVerbose. Displays information for minor devices not actually in use and complete queue information, only if this option is given.
<digit>
Limits output to information about specified units. If no digits are given, all units are displayed. Valid digits are 0 to 7.
DESCRIPTION
The pfstat command interprets the data structures of the packet filter driver packetfilter(7). The data structures are contained in /dev/kmem. If system is given, the required namelist is taken from there; otherwise, it is taken from /vmunix.
RESTRICTIONS
Some of the output is a bit cramped to fit on an 80-character line. It should be possible to get a less verbose but more readable listing.
Since things happen quickly, it is not likely that pfstat will provide a consistent view of a running system. It is mostly useful for analyzing static or slowly-varying problems, not transient ones.
OUTPUT FORMAT
This section describes the information displayed in the output of the pfstat command under the headings AllDescriptors, Filters, and QueueElts.
AllDescriptors
#Minor device number for open descriptor.
LOC
Descriptor location.
LINK-QUEUE
Forward link to other descriptors.
STATE
Blank, or one of the following:
waitWaiting for input, indefinite wait
timedWaiting for input, timed wait
toutHas timed out
WAIT-QUEUE
Addresses of “Queue Elements” for waiting packets.
NQ’D
Number of packets queued for input/maximum for this queue.
TOUT
Timeout duration in clock ticks (if the −v [Verbose] option is not given, then times may be expressed as minutes [with a trailing “m”], hours [with a trailing “h”], or simply “long”, to keep the columns lined up.)
MODE
Shows which mode bits are set for the minor device; each bit is encoded as a single character:
HENHOLDSIG
BENBATCH
TENTSTAMP
PENPROMISC
NENNONEXCL
CENCOPYALL
bENBPFHDR
?An unknown mode bit is set.
SIGSignal number to be delivered when a packet arrives.
PROC
Process to be signaled when a packet arrives.
PIDProcess id which enabled the signal.
Filters
#Minor device number of filter.
COUNT
Count of packets accepted by this filter.
DROPS
Count of “recent” drops for this filter.
PRIPriority of filter. (Not applicable to BPF-style filters.)
LEN
Length of filter (in shortwords).
FILTER
See packetfilter(7) for interpretation of packet filters. See bpf(7) for interpretation of BPF-style filters.
QueueElts
LOC
Location of queue element.
LINK-QUEUE
Forward and backward links.
COUNT
Packet size.
REF
Reference count for queue element.
FLAGS
Per-packet flag bits set; each bit is encoded as a single character:
PENSF_PROMISC
BENSF_BROADCAST
MENSF_MULTICAST
TENSF_TRAILER
?An unknown flag bit is set.
DROP
Count of packets dropped between the time previous packet was queued and the time this packet was queued.
TIME
Approximate time this packet was received.
FILES
/vmunix
Namelist
/dev/kmem
Default source of tables