Date: Thu, 03 Apr 1997 16:15:28 +0300
From: Nadav Eiron <nadav@barcode.co.il>
To: Adrian Chadd <adrian@deathstar.ml.org>
Cc: freebsd-questions@freebsd.org
Subject: Re: Question with packet accounting.
Message-ID: <3343AD70.5184@barcode.co.il>
References: <Pine.LNX.3.95.970403191650.5188A-100000@deathstar.ml.org>

Adrian Chadd wrote:
>
> Hi.
>
> I have a gateway machine with 3 ether cards, one ether for the internet
> server network, one for the office network and one for the routers.
>
> I've compiled ip firewalling, and enabled ip forwarding/gatewaying via
> sysctl.
>
> I have setup a default "pass all" rule, then have the following :
>
> ipfw add xx pass tcp from any portnum to any
>
> And then I do an ipfw -a list to grab the packet accounting info.
>
> Now, the info returned is only for packets passing THROUGH the box, (ie
> between interfaces), not internal-network (ie between two machines on the
> same network)?

Yeah. ipfw accounting just counts the IP packets on *this* machine. If
you want to see all that's passing on a net, you need to use bpf.

>
> Also, does it only log the packet passing THROUGH the box, and not going in
> one interface and out the other?

I don't understand this question. The rule will count whatever it is
told to. For example, you may specify a specific interface to do
accounting/filtering for with the "via" keyword, or only packets going
in a specific direction with the in/out keywords. ipfw merely follows
the rules you give it...

>
> Please CC the reply to me as I'm currently stuck at work and my normal
> list email feed goes to my box which isn't online atm.
>
> Thank you,
>
> Adrian Chadd
> <adrian@psinet.net.au>

Nadav
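
Added example, not part of the original message or of FreeBSD's own code: a script that totals `ipfw -a list` counters per interface and direction, for accounting rules written with the "via" and in/out keywords mentioned in the reply. The interface names (ed0, ed1), the rule numbers and the listing are constructed, and the column layout (rule number, packets, bytes, rule body) is assumed.

```shell
#!/bin/sh
# Accounting rules of the kind the reply describes (assumed interfaces ed0/ed1):
#   ipfw add 1000 count tcp from any to any in  via ed0
#   ipfw add 1010 count tcp from any to any out via ed0
#   ipfw add 1020 count tcp from any to any in  via ed1
#   ipfw add 1030 count tcp from any to any out via ed1

# Constructed sample of `ipfw -a list` output, so the script runs offline.
# Assumed columns: rule number, packet count, byte count, rule body.
sample_listing() {
    cat <<'EOF'
01000   120   96000 count tcp from any to any in via ed0
01010    80   40000 count tcp from any to any out via ed0
01020    75   38000 count tcp from any to any in via ed1
01030   110   90000 count tcp from any to any out via ed1
65535   900  700000 allow ip from any to any
EOF
}

# Read a listing on stdin and print "interface direction packets bytes"
# for every count rule that names both a direction and an interface.
# Rules without in/out or without via (such as the final allow) are skipped,
# because their counters are not tied to one interface and direction.
summarise() {
    awk '$4 == "count" {
        dir = ""; ifc = ""
        for (i = 5; i <= NF; i++) {
            if ($i == "in" || $i == "out") dir = $i
            if ($i == "via" && i < NF) ifc = $(i + 1)
        }
        if (dir != "" && ifc != "") {
            key = ifc " " dir
            pkts[key] += $2
            bytes[key] += $3
        }
    }
    END { for (k in pkts) print k, pkts[k], bytes[k] }' | sort
}

# On the gateway itself this would be: ipfw -a list | summarise
sample_listing | summarise
```

Packets forwarded from one interface to the other show up twice, once under "in" on the receiving interface and once under "out" on the sending one, so the per-key totals should not be added together.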