iptstate(8) -- Linux man page

 

NAME

iptstate - A top-like display of IP Tables state table entries  

SYNOPSIS

iptstate [-fhlRst] [-r seconds ] [-b [d|p|s|t]]  

DESCRIPTION

iptstate displays information held in the IP Tables state table in real-time in a top-like format. Output can be sorted by any field, or any field reversed. Users can choose to have the output only print once and exit. Refresh rate is also customizable.  

COMMAND-LINE OPTIONS

-b
This option tells IPTState how to sort the output. The options are:
d Destination IP
p Protocol
s State
t TTL
-d
Do not dynamically size the window based on terminal sizing information; instead use default iptstate sizing.
-f
Filter anything on loopback.
-h
Display help message.
-l
Resolve all IP address to domain names. This truncates from the Source address from the right (you know your own domain) and destination addresses from the left (domains are most helpful here). Warning: this can take a long time to startup due to all the resolving.
-r seconds
This tells IPTState what refresh rate you want (ignored when used with -s).
-R
Sort in reverse.
-s
Single-run mode. This will print the state table formatted on the screen once without using curses.
-t
Show totals (total states, total TCP states, etc.)
 

INTERACTIVE OPTIONS

The following my be used while IPTState is running to change its behavior (unless you use -s).
d
Toggle between letting iptstate dynamically size the columns and using the old default sizes
f
Toggle filtering of loopback
l
Toggle DNS lookups on IP addresses
q
Quit
r
Toggle reverse sorting
s
Change sorting to the next field
t
Toggle display of totals
space
Immediately update the display. Use this if you resize the window.
 

BUGS

The only known bug at this point is a memory leak. If you have a lot of traffic I don't recommend leaving IPTState running overnight on your firewall because it may run out of memory. Since I don't use any dynamic data structures I have not been able to find the memory leak, but feel free to try.  

BUG REPORTS

All bugs should be reported to Phil Dibowitz <phil@ipom.com>, NOT your local distribution bug list. Please see the README and BUGS for more information on bug reports. Please read the WISHLIST before sending in features you hope to see.  

NOTES

The truncation of names in lookup mode happens from the right for source because you most likely know your own domain name, and from the left for destination because knowing your users are connection to "mail.a." doesn't help much.  

SEE ALSO

iptables(8)
 

AUTHOR

IPTState (and this man page) was written by
Phil Dibowitz <phil@ipom.com>
http://www.phildev.net/iptstate/