Commands

-v, --verbose

Display a verbose operation.

-n, --numeric

Use numeric rather than symbolic IP addresses.

-Htype, --hw-typetype

Specify type of entry (ether, arcnet, pronet, ax25, netrom) to be checked.

-a[hostname], --display[hostname]

Display entries of the specified host only.

-dhostname, --deletehostname

Remove all entries for the specified host.

-D, --use-device

Use the interface ifa's hardware address.

-i If, --device If

Specify an interface for dumping.

-shostname hw_addr, --sethostname

Specify a new ARP address hostname-to-hardware-address-class mapping entry.

-ffilename, --filefilename

Specify a filename (frequently /etc/ ethers) containing address mappings. The file format is a hostname, the associated hardware address, and optional pub, temp, and netmask flags delimited by whitespace.

When invoking bootp in inetd mode, set a timeout using the -t option on the command line (10 minutes is a good timeout value).

You can also invoke bootpd and bootpgw from the command line or a shell script.

Invoke bootp from a shell script at startup time when it has a large configuration database (and thus loads slowly).

-t timeout

Specify a timeout value in minutes.

-d debug-level

Specify a debug level (higher == more information).

-c chdir-path

Specify the current directory used by bootpd when checking the existence and size of client boot files.

-i

Force bootpd and bootpgw to run in inetd mode.

-s

Force bootpd and bootpgw to run in standalone mode.

bootptab

Specify a configuration database of known clients.

dumpfile

Specify a file into which bootpd will dump its internal database up receiving a SIGUSR1 flag.

server

Specify a server to forward all BOOTREQUEST packets to.

-fbootfile

Specify a bootfile for use in the request.

-h

Tells bootp to use the ethernet (hardware) address to identify the client.

-m

Specify a magic number to initialize the first word of the vendor options field.

template-file

File used in initializing the options of the request packet.

-v

This mode interprets the specified scriptfile to dial out and open an IP connection.

-t

Run dip interactively.

-i

Dial in mode. Handle incoming connections.

-a

Prompt for user name and password.

-k

Kill the dip process that has locked the specified tty device.

-ltty_line

Use with -k option. Specify the line to be killed.

-m

Specify the maximum transfer unit (MTU).

In general, smaller MTU blocks work better.

-pproto

Specify the line protocol (options are SLIP, CLSIP, PPP, TERM).

-t

Run in test mode.

-v

Display a verbose operation.

Mode

How to invoke

Interactive

(-t option) Set up an outgoing IP connection interactively.

Dialout

(-t with scriptfile specified) Setup a connection automatically.

Dialin

Specify dip as the login shell in /etc/passwd.

label:

Define a label.

beep[times]

Beep on user's terminal the specified number of times.

bootp[howmany [howlong]]

Use BOOTP protocol to retrieve local and remote IP addresses.

break

Send a BREAK.

chatkeykeyword [code]

Add to dip's collection of modem response words.

config [interface|routing] [pre|up|down|post] {arguments...}

Store interface configuration parameters.

databits 7|8

Set the number of data bits.

dec$variable [decrement-value|$variable]

Decrement a variable. The default decrement-value is 1.

default

Tell DIP to set up the default route to the remote host to which it made a connection.

dialphonenumber [timeout]

Dials the specified phone number.

echo on|off

Enable or disable the display of modem commands.

exit [exit-status]

Exit script leaving established [C]SLIP connection intact and dip running.

flush

Flush input on the terminal.

get $variable [value | ask | remote [timeout_value | $variable]]

Get or ask for the value of a variable.

gotolabel

Transfer control to the indicated label in the chat script.

help

Print list of commands.

if expr goto label

Conditional branch. expr is of the form: $variable op constant where op is one of: == != < > <= >=.

inc $variable [increment-value|$variable]

Increment a variable. The default increment-value is 1.

initinit-string

Set the initialization string (sent to the modem before dialing) to the indicated string (default ATE0 Q0 V1 X1).

mode SLIP|CSLIP|PPP|TERM

Set the line protocol (default SLIP).

modemmodem-name

Set the type of modem. Currently, only HAYES is valid.

netmask xxx.xxx.xxx.xxx

Specify a netmask to be used.

parity E|O|N

Set the type of parity.

password

Prompt for a password and send it.

proxyarp

Request Proxy ARP to be set.

print $variable

Display the contents of some variable.

psendcommand[arguments]

Send the output of command to the serial driver, optionally passing arguments to command.

porttty_name

Set the name of the terminal port to use. (The path /dev/ is assumed.)

quit

Exit with nonzero exit status.

reset

Reset the modem. (Sends "+++" then "ATZ".)

securidffixedpart

Store the fixed part of the SecureID password.

securid

Prompt for the variable part of the password generated by the ACE System SecureID card.

sendtext-string

Send a string to the serial driver.

shellcommand[parameters]

Execute command through the default shell with parameters as the command line arguments.

skey [timeout| $variable]

Tell dip to look for an S/Key challenge from the remote terminal server. dip then prompts the user for the secret password, generates the response, and sends it to the remote host. Timeout sets how long dip waits to see the challenge.

sleeptime-in-secs

Wait for the specified length of time.

speedbits-per-sec

Set port speed (default 38400).

stopbits 1|2

Set the number of stop bits.

term

Enter a terminal mode.

timeouttime-in-sec

Set timeout.

waittext[timeout_value | $variable]

Wait for some string to arrive.

$errlvl

Holds the result of the previous command.

$locip

IP number of local host in dotted quad notation.

$local

Fully qualified local host name.

$rmtip

IP number of remote host in dotted quad notation.

$remote

Fully qualified remote host name.

$mtu

Maximum transfer unit (maximum number of bytes transferred at once).

$modem

Modem type (at present the only valid value is HAYES).

$port

The name of the terminal port to use.

$speed

Transfer rate between the local host and the modem, in bits/sec.

--help

Display help information.

--version

Display version information.

-c

Tell gated to parse the configuration file, report any syntax errors, and exit.

-C

Tell gated to parse the configuration file for syntax errors.

-n

Prohibit gated from modifying the kernel forwarding table.

-N

Tell gated not to run as a daemon.

-ttrace_options

Allow the user to specify a comma-separated list of trace options on the command line.

-fconfig_file

Specify a nondefault configuration file.

In order for these controls to take effect, you must start gated with gdc.

-n

Do not check the kernel forwarding table.

-q

Quiet operation. Log any output to the system log.

-tseconds

Allow the user to specify how long gdc will wait for gated to complete startup, shutdown, and other operations.

-ccoresize

Specify an upper limit on the size of core dumps that may be generated by gated. Typically used to up the system default when it is too small to be useful.

-ffilesize

Specify a maximum file size that a gated started with gdc can produce.

-mdatasize

Specify an upper limit on the size of the data segment of a gated started with gdc.

-sstacksize

Specify the maximum size of a stack of a gated started by gdc.

checkconf

Check /etc/gated.conf for syntax errors.

checknew

Check /etc/gated.conf+ for syntax errors.

newconf

Replace /etc/gated.conf with /etc/gated.conf+.

backout

Move the old configuration file (/etc/gated.conf-) back into place as the current active gated.conf. Also rotates the current /etc/gated.conf to /etc/gated.conf+.

BACKOUT

Same as backout, but will overwrite any existing /etc/ gated.conf+.

modeconf

Set all configuration files to mode 664, owner=root, group=gdmaint.

createconf

If /etc/gated.conf+ does not exist, create a zero length file with the file mode set to 664, owner=root, group=gdmaint.

running

Test to see if gated is currently running.

start

Start gated.

stop

Stop gated.

restart

Stop and restart gated.

rmcore

Delete any gated core dump file.

rmdump

Delete any gated state dump file.

rmparse

Delete any parse error file generated by checkconf or checknew.

This command can provide information handy in debugging network problems.

interface

Display the driver name of the interface.

up

Activate the specified interface.

down

Deactivate the specified interface.

[-]arp

Enable or disable the use of the ARP protocol on this interface.

[-]promisc

Activate or deactivate the promiscuous mode of this interface. When activated, all packets on the network will be received.

[-]allmulti

Activate or deactivate all-multicast mode. When active, all multicast packets on the network will be received.

metricN

Specify an interface metric of N.

mtuN

Specify a MTU for an interface.

netmaskaddr

Set the IP network mask for an interface.

add addr/prefixlen

Add an IPv6 address to an interface.

del addr/prefixlen

Remove an IPv6 address from an interface.

tunnel aa.bb.cc.dd

Create a new SIT (IPv6-in-IPv4) device, tunnelling to the given destination.

irqaddr

Specify the interrupt request used by this device.

io_addraddr

Specify a start address in I/O space for this device.

mem_startaddr

Specify a start address for shared memory used by this device.

mediatype

Set the physical port or medium type to be used by the device (10base2, 10baseT, AUI).

[-]broadcast[addr]

If the address argument is given, set the protocol broadcast address for this interface. Otherwise, set or clear the IFF_BROADCAST flag for the interface.

[-]pointopoint[addr]

Enable the point-to-point mode of an interface.

hwclass address

Specify the hardware address of the interface, assuming the device driver supports this operation.

multicast

Set the multicast flag on the interface. Normally this is done without help from the user.

address

Specify the IP address to be assigned to this interface.

txqueuelen length

Specify the length of the transmit queue of the device.

-i

Use when starting with nowait option in /etc/inetd.conf. Starts one identd daemon for each connection request.

-w

Use when starting from inetd with the wait option in the /etc/inetd.conf file.

-b

Use when running the daemon from the command line.

-t<seconds>

Specify the timeout (the length of time a server started with the -w option will wait before dying) in seconds.

-u<uid>

Specify the user id that ident will switch to after binding itself to the TCP/IP port (-b mode only).

-u<uid>

Specify the group id that ident will switch to after binding itself to the TCP/IP port (-b mode only).

-p<port>

Specify an alternative port to bind to when using -b mode. (Default is 113.)

-a<address>

Specify the local address to bind the socket to when using -b mode.

-V

Display version information.

-l

Tell identd to use the system logging daemon.

-o

When used, identd will not reveal the type of its operating system.

-d

Return UNKNOWN-ERROR rather than NO-USER or INVALID-PORT errors.

-c<charset>

Add the optional character set designator to the reply generated.

-C[<keyfile>]

Tell identd to return DES-encrypted tokens rather than user names.

-n

Tell identd to return numbers rather than user names.

-N

Tell identd to check for a .noident file in each home directory that it is about to return a user name for.

-m

Allow multiple requests to be processed each session.

-d

Debug mode. Not normally used as it creates some security problems.

-F

Format output according to the following:

%u

print user name

%U

print user number

%g

print (primary) group name

%G

print (primary) group number

%l

print list of all groups by name

%L

print list of all groups by number

%p

print process ID of running process

%c

print command name

%C

print command and arguments

%e

print the environment

Use -M in conjunction with -e option for sequence numbering and deltas caused by data rewrites on ftp sessions.

-r, --route

Display kernel routing tables.

-i, --interface iface

Display all (or only the specified) network interfaces.

-M, --masquerade

Display a list of all masqueraded sessions.

-N, --netlink

Get information about creation or deletion of interfaces or routes.

-v, --verbose

Display verbose operation.

-n, --numeric

Display numeric addresses rather than attempting to resolve them into symbolic host, port, or user names.

-A, --af family

Set the address families as a comma-separated list of keywords (inet, UNIX, ipx, ax25, netrom, ddp).

-c, --continous

Update the display every second until interrupted.

Proto

Display the protocol (tcp, udp, raw) used by the socket.

Recv-Q

Display the count of bytes not copied by the user program connected to this socket.

Send-Q

Display the count of bytes not acknowledged by the remote host.

Local Address

Display the local address (hostname) and port number of the socket.

Foreign Address

Display the remote address (hostname) and port number of the socket.

State

Display the state of the socket.

ESTABLISHED

Inform that the socket has an established connection.

SYN_SENT

Inform that the socket is actively attempting to establish a connection.

SYN_RECV

Inform that the connection is being initialized.

FIN_WAIT1

Inform that the socket is closed and that the connection is shutting down.

FIN_WAIT2

Inform that connection is closed and that the socket is waiting for a shutdown from the remote end.

TIME_WAIT

Inform that the socket is waiting after close for remote shutdown retransmission.

CLOSED

Inform that the socket is not being used.

CLOSE_WAIT

Inform that the remote end has shut down, waiting for the socket to close.

LAST_ACK

Inform that the remote end has shut down and that the socket is closed. Waiting for acknowledgment.

LISTEN

Inform that the socket is listening for incoming connections.

CLOSING

Inform that both sockets are shut down, but that data still has not been sent.

UNKNOWN

Inform that the state of the socket is unknown.

User

Display the name or the UID of the owner of the socket.

Proto

Display the protocol (usually UNIX) used by the socket.

RefCnt

Display the reference count (i.e., attached processes via this socket).

Flags

Inform that the flags displayed are SO_ACCEPTON (displayed as ACC), SO_WAITDATA (W) or SO_NOSPACE (N).

Type

Inform that there are several types of socket access

SOCK_DGRAM

Used in Datagram (connectionless) mode.

SOCK_STREAM

A stream (connection) socket.

SOCK_RAW

Raw socket.

SOCK_RDM

Reliably delivered messages.

SOCK_SEQPACKET

A sequential packet socket.

SOCK_PACKET

RAW interface access socket.

State

One of the following:

FREE

The socket is unallocated.

LISTENING

Socket is listening for a connection request.

CONNECTING

Socket is about to establish a connection.

CONNECTED

The socket is connected.

DISCONNECTING

The socket is disconnecting.

(empty)

The socket is not connected to another one.

UNKNOWN

This state should never happen.

Path

Path name of the corresponding processes that are attached to the socket.

If you use nslookup a good bit, set your favorite options in a .nslookuprc file in your home directory.

host [server]

Look up information for the specified host using the optionally specified server.

server domain, lserver domain

Change the default server to domain; lserver uses the initial server to look up information about domain, while server uses the current default server.

root

Change the default server to the server for the root of the domain name space.

finger [name] [> filename], finger [name] [>> filename]

Connect with the finger server on the current host.

ls [option] domain [> filename]

ls [option] domain [>> filename]

List the information available for the specified domain, optionally creating or appending to filename.

-t querytype

List all records of the specified type (see querytype below):

-a

List aliases of hosts in the domain.

-d

List all records for the domain.

-h

List CPU and operating system information for the domain.

-s

List well-known services of hosts in the domain.

view filename

Sort and list the output of previous ls commands with more.

help, ?

Prints a brief summary of commands.

exit

Exit the program.

setkeyword [=value]

This command is used to change state information that affects the lookups. Valid keywords are as follows:

all

Print current values.

class=value

Change the query class to one of:

IN

the Internet class

CHAOS

the Chaos class

HESIOD

the MIT Athena Hesiod class

ANY

wildcard (any of the previuosly mentioned commands)

[no] debug

Turn debugging mode on and off.

[no] d2

Turn exhaustive debugging mode on and off.

domain=name

Specify a new default domain.

srchlist=name1/ name2/...

Specify an ordered list of domains to be searched (maximum 6 domains). name1 becomes default domain.

[no] defname

Append default domain name to a single component lookup request.

[no] search

Append domain names in domain search list to the request until an answer is received.

port=value

Change the default TCP/UDP name server port to value.

querytype= valuetype=value

Change the type of information query to one of these:

A

the host's Internet address.

CNAME

the canonical name for an alias.

HINFO

the host CPU and operating system type.

MINFO

the mailbox or mail list information.

MX

the mail exchanger.

NS

the name server for the named zone.

PTR

the host name if the query is an Internet address; otherwise, the pointer to other information.

SOA

the domain's "start-of-authority" information.

TXT

the text information.

UINFO

the user information.

WKS

the supported well-known services.

[no] recurse

Tell the name server to query other servers if it does not have the information.

retry=number

Specify the number of times to retry a request.

root=host

Change the name of the root server to host.

timeout=number

Specify the initial timeout interval in seconds.

[no] vc

Always use a virtual circuit when sending requests to the server.

[no] ignoretc

Ignore packet truncation errors.

Destination

Display the destination network or destination host.

Gateway

Display the the gateway address or "*" if none set.

Genmask

Display the netmask for the destination network.

Flags

Display the possible flags, which are as follows:

U (route is up)

H (target is a host)

G (use gateway)

R (reinstate route for dynamic routing)

D (dynamically installed by daemon or redirect)

M (modified from routing daemon or rederict)

! (reject route)

Metric

Display the distance to the target (usually presented in hops).

Use

Display the count of lookups for the route.

Iface

Display the interface to which packets for this route will be sent.

MSS

Display the maximum Segment Size for TCP connections over this route.

Window

Display the default window size for TCP connections over this route.

irtt

Display the initial (RTT) round trip time.

HH

Display the number of ARP entries and cached routes that refer to the hardware header cache for the cached route.

Arp

Inform you whether or not the hardware address for the cached route is up to date.

-v

Display verbose operation.

-A family

Tell route to use the specified address family.

-n

Use numeric addresses rather than attempting to resolve into host names.

-e

Display the routing table in netstat format.

-net

The target is a network.

-host

The target is a host.

-F

Display the kernel FIB routing table.

-C

Display the kernel's route cache.

del

Delete a route.

add

Add a route.

target

Display the IP address or hostname of the network destination or host.

netmaskNm

Display the Net mask of the route to be added.

gwGw

Route any IP packets for the target network/host through the specified gateway.

metricM

Set the metric field in the routing table (used by routing daemons) to M.

mssM

Specify the TCP maximum segment size (MSS) for connections over this route to M bytes.

windowW

Set the TCP window size for connections over this route to W bytes.

irttI

Set the initial round trip time (irtt) for TCP connections over this route to I milliseconds (1-12000).

reject

Install a blocking route, which will force a route lookup to fail.

mod, dyn, reinstate

Install a dynamic or modified route.

devIf

Force the route to be associated with the specified device, as the kernel will otherwise try to determine the device on its own.

Ifdev

"If" is the last option on the command line, so the word dev may be omitted, as it's the default.

-d

Log additional debug information.

-g

On internetwork routers, this flag is used to specify a possible route to the default destination.

-s

This option forces routed to supply routing information regardless of whether or not it is acting as an internetwork router.

-q

This is the inverse of the -s option.

-t

Display all packets sent or received to standard output.

net

Indicates that the route is to a network.

host

Indicates the route is a specific host.

name1

Indicates the name of the destination network or host.

name2

Display the address of the gateway to which messages should be forwarded.

value

Display a metric that indicates the hop count to the destination.

< passive | active | external >

Indicates nature of the gateway.

-a

Display all machines responding even if no one is logged in.

-l

It is an output long listing and includes user name, host name, tty, date & time logged in, idle time, and remote host (if applicable).

-a

Report access control rules that permit access without an explicit ALLOW keyword.

-d

Examine hosts.allow and hosts.deny files in the current directory instead of the default ones.

-iinet_conf

Use this option when tcpdchk is unable to find your inetd.conf or tlid.conf network configuration file.

-v

Display the contents of each access control rule.

If you're having network service problems, this is not a bad diagnostic aid.

-d

Examine hosts.allow and hosts.deny files in the current directory, instead of the default ones.

-i inet_conf

Specify this option when tcpdmatch is unable to find your inetd.conf or tlid.conf network configuration file or when you suspect that the program uses the wrong one.

-f

Set the initial time to live used in the first outgoing probe packet.

-F

Set the "don't fragment" bit.

-d

Enable socket level debugging.

-g

Specify a loose source route gateway (8 maximum).

-i

Specify a network interface to obtain the source IP address for outgoing probe packets.

-I

Use ICMP ECHO instead of UDP datagrams.

-m

Set the max time to live (max number of hops) used in outgoing probe packets.

-n

Print hop addresses numerically rather than symbolically and numerically.

-p

Set the base UDP port number used in probes.

-r

Bypass the normal routing tables and send directly to a host on an attached network.

-s

Use the following IP address as the source address in outgoing probe packets.

-t

Set the type of service in probe packets to the following value (default zero)

-v

Verbose output.

-w

Set the time (in seconds) to wait for a response to a probe (default 5 sec.).

-x

Toggle checksums.