Date: Tue, 17 Sep 2002 00:16:53 -0700 From: Luigi Rizzo <rizzo@icir.org> To: "Jacob S. Barrett" <jbarrett@amduat.net> Cc: freebsd-ipfw <freebsd-ipfw@FreeBSD.ORG> Subject: Re: MAC Layer Bandwidth Limiting Message-ID: <20020917001653.A52387@iguana.icir.org> In-Reply-To: <3D86CEEB.2010100@amduat.net>; from jbarrett@amduat.net on Mon, Sep 16, 2002 at 11:42:51PM -0700 References: <3D864865.2030607@amduat.net> <3D86C25C.50104@amduat.net> <20020916230259.A51851@iguana.icir.org> <3D86CEEB.2010100@amduat.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, Sep 16, 2002 at 11:42:51PM -0700, Jacob S. Barrett wrote: ... > > yes... in fact, the implementation of masks should be slightly revised > > so one can use more or less arbitrary fields instead of just the > > ip addresses. Next feature i guess... > > I would love for this to be a new feature soon. well, if you like to spend time on it, my idea is to accumulate bits from the packet into an opaque mask field (say a total of 128 bits) which is then used to identify the flow. This should be done somewhere in ip_dummynet() when the processing of the mask is done. > Should I just take snapshots every so often and calculate deltas from yes, in userland. Make sure that the rulesets do not change from one snapshot to the other (this includes dynamic rules) or that you correctly match rules between the two snapshots. > that. I also need to be aware of counter roll over events. What is the > max value of the byte counter in the rules and pipes stats? they are 64 bit counters. It still takes "a few years" before they overflow, even counting bits at gigabit speeds. cheers luigi To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-ipfw" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020917001653.A52387>