Skip site navigation (1)Skip section navigation (2)
Date:      Fri, 1 Oct 1999 17:42:49 +0300
From:      Ruslan Ermilov <ru@ucb.crimea.ua>
To:        Zahemszky Gabor <zgabor@CoDe.hu>
Cc:        freebsd-ipfw@FreeBSD.ORG, green@FreeBSD.ORG
Subject:   Re: packet counting with firewall
Message-ID:  <19991001174249.D79506@relay.ucb.crimea.ua>
In-Reply-To: <199910011217.OAA00958@CoDe.hu>; from Zahemszky Gabor on Fri, Oct 01, 1999 at 02:17:35PM +0200
References:  <199910011217.OAA00958@CoDe.hu>

Next in thread | Previous in thread | Raw E-Mail | Index | Archive | Help
Hi!

It would be great, if this operation was atomic, i.e.
# ipfw -a zero 100
would zero the counters and show their old values.

Any takers?  Brian?


On Fri, Oct 01, 1999 at 02:17:35PM +0200, Zahemszky Gabor wrote:
> Hi!
> 
> I need a way to count the network traffic on some of the pppX interfaces.
> So ipfw's count action is good to me.  I have two methods in my mind:
> 
> a)  Every time, the connection established
> in ip-up:
> ipfw -q add X+1 count ip from any to any via pppX
> and in ip-down:
> ipfw show X+1 >> logfile
> ipfw -q delete X+1
> 
> b) At system startup, I add all the count rules:
> 
> ipfw -q add 1 count ip from any to any via ppp0
> ipfw -q add 2 count ip from any to any via ppp1
> ipfw -q add 3 count ip from any to any via ppp2
>  etc.
> and in ip-up:
> ipfw -q zero X+1
> and in ip-down:
> ipfw show X+1 >> logfile
> 
> (I use interface X and rule X+1 - is there any problem with the rule number
> 0?  Eg. in iijppp, rule 0 is special.  If not, it's a bit simpler, of course.)
> 
> So my question is that simple: which is the better method?  Adding/removing
> rules, or adding rules at the beginning (and check them on every packet)
> and sometimes zeroing them?
> 
> By the way, I'm interested in another alternatives if it's too crazy.  Yes I
> know that with netstat -iI pppX I can get the packet statistics, but:
> a) are there any methods to reset the counters, eg: netstat -z -I pppX or
> something like that
> b) netstat counts the packets before or after ipfw/ipf?
> (And netstat's counters are only packets, and I think that a 100 byte
> packet has not to be counted equal to a 1000 byte packet.)
> 
> Thank,
> 	Gabor
> 
> PS: Please CC: to me, as I'm not on that list.  Thanx!
> 
> ZGabor at CoDe dot HU
> 
> -- 
> #!/bin/ksh
> Z='21N16I25C25E30, 40M30E33E25T15U!' ;IFS=' ABCDEFGHIJKLMNOPQRSTUVWXYZ ';set $Z ;for i { [[ $i = ? ]]&&print $i&&break;[[ $i = ??? ]]&&j=$i&&i=${i%?};typeset -i40 i=8#$i;print -n ${i#???};[[ "$j" = ??? ]]&&print -n "${j#??} "&&j=;typeset +i i;};IFS=' 0123456789 ';set $Z;X=;for i { [[ $i = , ]]&&i=2;[[ $i = ?? ]]||typeset -l i;X="$X $i";typeset +l i;};print "$X"
> 
> 
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-ipfw" in the body of the message

-- 
Ruslan Ermilov		Sysadmin and DBA of the
ru@ucb.crimea.ua	United Commercial Bank,
ru@FreeBSD.org		FreeBSD committer,
+380.652.247.647	Simferopol, Ukraine

http://www.FreeBSD.org	The Power To Serve
http://www.oracle.com	Enabling The Information Age


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-ipfw" in the body of the message




Want to link to this message? Use this URL: <http://docs.FreeBSD.org/cgi/mid.cgi?19991001174249.D79506>