Date: Fri, 1 Oct 1999 14:17:35 +0200 (CEST) From: Zahemszky Gabor <zgabor@CoDe.hu> To: freebsd-ipfw@freebsd.org Subject: packet counting with firewall Message-ID: <199910011217.OAA00958@CoDe.hu>
next in thread | raw e-mail | index | archive | help
Hi!
I need a way to count the network traffic on some of the pppX interfaces.
So ipfw's count action is good to me. I have two methods in my mind:
a) Every time, the connection established
in ip-up:
ipfw -q add X+1 count ip from any to any via pppX
and in ip-down:
ipfw show X+1 >> logfile
ipfw -q delete X+1
b) At system startup, I add all the count rules:
ipfw -q add 1 count ip from any to any via ppp0
ipfw -q add 2 count ip from any to any via ppp1
ipfw -q add 3 count ip from any to any via ppp2
etc.
and in ip-up:
ipfw -q zero X+1
and in ip-down:
ipfw show X+1 >> logfile
(I use interface X and rule X+1 - is there any problem with the rule number
0? Eg. in iijppp, rule 0 is special. If not, it's a bit simpler, of course.)
So my question is that simple: which is the better method? Adding/removing
rules, or adding rules at the beginning (and check them on every packet)
and sometimes zeroing them?
By the way, I'm interested in another alternatives if it's too crazy. Yes I
know that with netstat -iI pppX I can get the packet statistics, but:
a) are there any methods to reset the counters, eg: netstat -z -I pppX or
something like that
b) netstat counts the packets before or after ipfw/ipf?
(And netstat's counters are only packets, and I think that a 100 byte
packet has not to be counted equal to a 1000 byte packet.)
Thank,
Gabor
PS: Please CC: to me, as I'm not on that list. Thanx!
ZGabor at CoDe dot HU
--
#!/bin/ksh
Z='21N16I25C25E30, 40M30E33E25T15U!' ;IFS=' ABCDEFGHIJKLMNOPQRSTUVWXYZ ';set $Z ;for i { [[ $i = ? ]]&&print $i&&break;[[ $i = ??? ]]&&j=$i&&i=${i%?};typeset -i40 i=8#$i;print -n ${i#???};[[ "$j" = ??? ]]&&print -n "${j#??} "&&j=;typeset +i i;};IFS=' 0123456789 ';set $Z;X=;for i { [[ $i = , ]]&&i=2;[[ $i = ?? ]]||typeset -l i;X="$X $i";typeset +l i;};print "$X"
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-ipfw" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199910011217.OAA00958>