Date: Thu, 21 Feb 2002 19:29:54 +0100
From: Florian Nigsch
To: freebsd-questions@freebsd.org
Subject: IPFW rules
Message-ID: <20020221192954.A50541@nigsch.com>

Hi all,

On a dual-homed host, FreeBSD 4.5-STABLE, consider the following:

ed0 = 1.2.3.4 (official IP)
ed1 = 192.168.1.0 (unofficial IP)

the box runs NATd.

-> Traffic accounting:

If I only want to count the actual traffic coming from / going to the
Internet, is the rule

    count ip from any to any via ed0

sufficient?

To count the traffic from the inside hosts (192.168.1.0/24) to and from
the Internet, the rules

    count ip from 192.168.1.0/24 to any
    count ip from any to 192.168.1.0/24

should work. But that includes the internal traffic as well. Do I get
this internal traffic with

    count ip from any to any via ed1

?

What this all boils down to: When a packet from an inside host
(192.168.1.0/24) goes out to the internet, when does NATd change the
address and hence which counters are updated?

thanks,
flo

-- 
Florian Nigsch
http://flo.nigsch.com/
PGP key: http://flo.nigsch.com/fnigsch.asc

-----BEGIN GEEK CODE BLOCK-----
Version: 3.12
GE d- s: a-- C++ UB++++ P+ L- E--- W N+ o+ K- w-- O-- M- V-
PS+ PE Y+ PGP++ 5 X+ R* tv-- b+ DI+++++ D++ G- e* h r* y+++++
------END GEEK CODE BLOCK------