From owner-freebsd-bugs Sun Feb 8 12:30:03 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id MAA29848 for freebsd-bugs-outgoing; Sun, 8 Feb 1998 12:30:03 -0800 (PST) (envelope-from owner-freebsd-bugs@FreeBSD.ORG) Received: (from gnats@localhost) by hub.freebsd.org (8.8.8/8.8.8) id MAA29820; Sun, 8 Feb 1998 12:30:01 -0800 (PST) (envelope-from gnats) Received: from pc759.cs.msu.su (pc759.cs.msu.su [158.250.10.223]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id MAA29476 for ; Sun, 8 Feb 1998 12:27:35 -0800 (PST) (envelope-from laskavy@Hedgehog.CS.MSU.SU) Received: from Hedgehog.CS.MSU.SU (d85.z194-58-227.relcom.ru [194.58.227.85]) by pc759.cs.msu.su (8.8.5/8.8.5) with ESMTP id XAA07762 for ; Sun, 8 Feb 1998 23:27:38 +0300 (MSK) Received: (from laskavy@localhost) by Hedgehog.CS.MSU.SU (8.8.8/8.8.8) id XAA02789; Sun, 8 Feb 1998 23:20:58 +0300 (MSK) (envelope-from laskavy) Message-Id: <199802082020.XAA02789@Hedgehog.CS.MSU.SU> Date: Sun, 8 Feb 1998 23:20:58 +0300 (MSK) From: laskavy@Hedgehog.CS.MSU.SU Reply-To: laskavy@Hedgehog.CS.MSU.SU To: FreeBSD-gnats-submit@FreeBSD.ORG X-Send-Pr-Version: 3.2 Subject: kern/5682: ipfw: byte counters: overflow Sender: owner-freebsd-bugs@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org >Number: 5682 >Category: kern >Synopsis: ipfw: byte counters: overflow >Confidential: no >Severity: non-critical >Priority: low >Responsible: freebsd-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: sw-bug >Submitter-Id: current-users >Arrival-Date: Sun Feb 8 12:30:00 PST 1998 >Last-Modified: >Originator: Sergei S. Laskavy >Organization: Gambit Automated Design >Release: FreeBSD 2.2.5-STABLE i386 >Environment: uname -a FreeBSD Hedgehog.Moscow.Ru 2.2.5-STABLE FreeBSD 2.2.5-STABLE #0: Thu Feb 5 02:54:46 MSK 1998 laskavy@Hedgehog.Moscow.Ru:/usr/src/sys/compile/HEDGEHOG i386 grep -i ipf /sys/i386/conf/HEDGEHOG options IPFIREWALL options IPFIREWALL_VERBOSE options "IPFIREWALL_VERBOSE_LIMIT=100" grep -i firew /etc/rc.conf firewall_enable="YES" firewall_type="open" firewall_quiet="YES" ipfw list 01000 allow ip from any to any via lo0 01010 deny ip from 127.0.0.0/8 to 127.0.0.0/8 65000 allow ip from any to any 65535 deny ip from any to any >Description: On a fast network ipfw byte counters grow rapidly. This makes IP traffic accounting harder, because we can not just do "ipfw -a list" monthly, need to count real traffic using external programs. On a router with 2Mbit uplink the byte counter may overflow every 5 hours, on a 100Mbit -- every 3 minutes. >How-To-Repeat: <--------------------------------------------------------------- #!/bin/sh # We use Bourne shell syntax # This program will use loopback to test ipfw byte counter # 1) clear counters for the loopback allow all rule: ipfw zero `ipfw list|grep 'allow ip from any to any via lo0'|awk '{print$1}'` # 2) simulate busy network using "flood ping": ping -f -s 8000 127.0.0.1 >/dev/null 2>&1 & # 3) check the packet and byte counter every 10 seconds: while :; do ipfw -a l sleep 10 done | awk '/allow ip from any to any via lo0/{print $3, $2, $3/$2}' # 4) kill the "flood ping" process kill $! <--------------------------------------------------------------- I got the following output: [skipped] 2806396128 349576 8028 3116758608 388236 8028 3427281648 426916 8028 3733630128 465076 8028 4043061360 503620 8028 --------> here the bytes counter turned oved 56529824 542040 104.291 366378512 580636 630.995 668199200 618232 1080.82 The overflow of byte counter occured in a few minutes. >Fix: Can we do ipfw counters at least 64-bit? If not, then how do you suggest to collect IP accounting information? >Audit-Trail: >Unformatted: To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-bugs" in the body of the message