From owner-freebsd-questions@FreeBSD.ORG Tue May 28 17:08:57 2013 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by hub.freebsd.org (Postfix) with ESMTP id 32C997EC for ; Tue, 28 May 2013 17:08:57 +0000 (UTC) (envelope-from pckizer@nostrum.com) Received: from shaman.nostrum.com (nostrum-pt.tunnel.tserv2.fmt.ipv6.he.net [IPv6:2001:470:1f03:267::2]) by mx1.freebsd.org (Postfix) with ESMTP id 0A10F968 for ; Tue, 28 May 2013 17:08:56 +0000 (UTC) Received: from [10.12.10.114] ([4.30.77.1]) (authenticated bits=0) by shaman.nostrum.com (8.14.3/8.14.3) with ESMTP id r4SH8r5x018071 (version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=NO) for ; Tue, 28 May 2013 12:08:55 -0500 (CDT) (envelope-from pckizer@nostrum.com) From: Philip Kizer Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: quoted-printable Subject: pfctl and verbosely listing tables not giving full output on 9.x Message-Id: <8AA29A95-1CE9-41B5-A2A8-5E208CA496BB@nostrum.com> Date: Tue, 28 May 2013 12:08:53 -0500 To: FreeBSD-Questions Mime-Version: 1.0 (Mac OS X Mail 6.3 \(1503\)) X-Mailer: Apple Mail (2.1503) Received-SPF: pass (shaman.nostrum.com: 4.30.77.1 is authenticated by a trusted mechanism) X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 28 May 2013 17:08:57 -0000 On some of my older systems, I try and view some tables verbosely as the = manual describes: We can now use the table show command to output, for each = address and packet direction, the number of packets and bytes that = are being passed or blocked by rules referencing the table. = The time at which the current accounting started is also shown with = the ``Cleared'' line. # pfctl -t test -vTshow 129.128.5.191 Cleared: Thu Feb 13 18:55:18 2003 In/Block: [ Packets: 0 Bytes: 0 = ] In/Pass: [ Packets: 10 Bytes: 840 = ] Out/Block: [ Packets: 0 Bytes: 0 = ] Out/Pass: [ Packets: 10 Bytes: 840 = ] and I get what I would expect when I issue the command: # uname -r 8.3-RELEASE-p3 # pfctl -t spam -vTshow No ALTQ support in kernel ALTQ related functions disabled 61.156.238.56 Cleared: Mon May 27 16:06:03 2013 In/Block: [ Packets: 23 Bytes: 1673 = ] In/Pass: [ Packets: 0 Bytes: 0 = ] Out/Block: [ Packets: 0 Bytes: 0 = ] Out/Pass: [ Packets: 0 Bytes: 0 = ] 101.44.1.135 Cleared: Tue May 28 11:14:23 2013 In/Block: [ Packets: 21 Bytes: 1520 = ] In/Pass: [ Packets: 0 Bytes: 0 = ] Out/Block: [ Packets: 0 Bytes: 0 = ] Out/Pass: [ Packets: 0 Bytes: 0 = ] All of my newer systems seem to not be showing me the data I expect: # uname -rm 9.1-RELEASE-p3 amd64 # pfctl -t spam -vTshow No ALTQ support in kernel ALTQ related functions disabled 46.21.161.37 Cleared: Tue May 14 10:37:11 2013 46.29.248.152 Cleared: Sat May 25 03:47:26 2013 46.165.236.153 Cleared: Tue May 14 06:12:05 2013 [...] # uname -rm 9.1-RELEASE i386 # pfctl -t spam -vTshow No ALTQ support in kernel ALTQ related functions disabled 1.235.138.249 Cleared: Sat Apr 27 19:55:15 2013 27.50.140.140 Cleared: Fri Apr 26 13:43:11 2013 31.3.245.178 Cleared: Tue Apr 30 19:30:29 2013 [...] # uname -rm 9.1-RELEASE amd64 # pfctl -t spam -vTshow No ALTQ support in kernel ALTQ related functions disabled 46.29.248.152 Cleared: Sat May 25 03:49:12 2013 50.73.11.52 Cleared: Wed May 22 01:57:10 2013 61.132.228.240 Cleared: Sun May 19 23:46:07 2013 Can anyone confirm similar behaviour on their systems, or has anyone = even tried? I didn't see any active PRs about this. Thanks, Philip