BSD PF Firewall: Displays Active Packetfilter States And Rules

Q. How do I view active connections with PF firewall under FreeBSD / OpenBSD UNIX operating system?

A. You need to use pftop command which displays the active packetfilter states and rules, and periodically updates this information. It provides a “top” like view of the PF state table.

Install pftop

pftop can be installed from the FreeBSD / OpenBSD ports collection, or downloaded from the pftop website. Under FreeBSD type the following command to update ports and install the latest version:
# portsnap fetch update
# cd /usr/ports/sysutils/pftop
# make install clean

Start pftop

pftop displays source and destination IP addresses, TCP and UDP port numbers, packets and bytes transmitted, the age of a connection, and the time left until a connection will be removed from the state table:
# pftop
Sample output:

Fig.01: pftop in action (click to enlarge)

To exit press q. Following commands are currently recognized:

c Enable disable state caching (enabled by default).
f Set the state filter expression.
h,? Display a summary of the commands (help screen).
n Set number of lines to display.
o Select next sorting Order.
p Pause/resume display updates.
q Quit pftop.
r Reverse current sorting order.
s Set display update interval in Seconds.
v Select next View.
0-7 Select one of the views directly.
Cursor Scroll display (up/down), and switch views (left/right). Most of the emacs/mg motion keys work as well.
SPACE Update display immediately.
CTRL-L Refresh display.
CTRL-G Clear command entry line.

Further readings:

  • man page pftop, pf and pfctl

Posted by: SXI ADMIN

The author is the creator of SXI LLC and a seasoned sysadmin, DevOps engineer, and a trainer for the Linux operating system/Unix shell scripting. Get the latest tutorials on SysAdmin, Linux/Unix and open source topics via RSS/XML feed or weekly email newsletter.

Leave a Reply

Your email address will not be published. Required fields are marked *

Previous Post

How to Make Website WCAG Compliant?

Next Post

Link download Kali Linux 2020.1 (ISO + Torrent)

Related Posts