Before You Begin
You must become an administrator who is assigned the Network Link Security rights profile. For more information, see Using Your Assigned Administrative Rights in Securing Users and Processes in Oracle Solaris 11.4.
# dladm show-linkprop -p protection,allowed-ips,allowed-dhcp-cids link
The following example shows the values for the protection, allowed-ips, and allowed-dhcp-cids properties for the vnic0 link:
# dladm show-linkprop -p protection,allowed-ips,allowed-dhcp-cids vnic0 LINK PROPERTY PERM VALUE EFFECTIVE DEFAULT POSSIBLE vnic0 protection rw mac-nospoof mac-nospoof -- mac-nospoof, restricted restricted restricted, ip-nospoof ip-nospoof ip-nospoof, dhcp-nospoof dhcp-nospoof dhcp-nospoof vnic0 allowed-ips rw 192.0.2.11, 192.0.2.11, -- -- 192.0.2.12 192.0.2.12 vnic0 allowed-dhcp-cids rw hello hello -- --
The output of the dlstat command is committed, so this command is suitable for scripts.
# dlstat -A ... vnic0 mac_misc_stat multircv 0 brdcstrcv 0 multixmt 0 brdcstxmt 0 multircvbytes 0 bcstrcvbytes 0 multixmtbytes 0 bcstxmtbytes 0 txerrors 0 macspoofed 0 <---------- ipspoofed 0 <---------- dhcpspoofed 0 <---------- restricted 0 <---------- ipackets 3 rbytes 182 ...
The output indicates that no spoofed or restricted packets have attempted to pass through.
For more information, see the dlstat(8) man page.