Date:      Sun, 20 Mar 2005 16:25:14 +0100
From:      Michal Mertl <mime@traveller.cz>
To:        "Eugene M. Minkovskii" <emin@mccme.ru>
Cc:        freebsd-questions@freebsd.org
Subject:   Re: OpenBSD's pf and traffic
Message-ID:  <1111332314.648.44.camel@genius2.i.cz>
In-Reply-To: <20050320093159.GA3213@mccme.ru>
References:  <20050320093159.GA3213@mccme.ru>

Eugene M. Minkovskii wrote on Sun, 20 Mar 2005 at 12:31 +0300:
> Hello!
> 
> Does anybody know how I can use OpenBSD's pf (packet filter) to
> determine the total traffic volume on a network interface? If it's
> impossible, what facility do you recommend for this?
> 

I don't know much about pf, but I use ipfw and /usr/ports/sysutils/ipa
for the purpose. Works very well for me. IPFW itself has counters but
ipa makes the stats persist across reboots and changes to the ruleset.
Be careful not to reconfigure ipfw from under a running ipa - it will
think the counters overflowed and add huge numbers to the last known
value. Additionally ipa can do much more than just simple counters.

I configure it like this:

ipfw:
add 100 allow all from any to any in via xl0
add 110 allow all from any to any out via xl0

ipa(/usr/local/etc/ipa.conf):
rule xl0-in {
    ipfw = 100
    info = Incoming traffic for xl0
}
rule xl0-out {
    ipfw = 110
    info = Outgoing traffic for xl0
}

HTH

Michal Mertl
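
Added example, not part of the original message and not ipa's own code: a small model of counter-based accounting that shows why a ruleset reload inflates the totals when a smaller reading is taken for an overflow. The sample `ipfw show` lines are constructed, and the 64-bit counter width and the function names are assumptions.

```python
import re

# Constructed `ipfw show` output: rule number, packet count, byte count, rule body.
POLLS = [
    "00100 5200 4100000 allow ip from any to any in via xl0\n"
    "00110 4800  900000 allow ip from any to any out via xl0\n",
    "00100 5900 4600000 allow ip from any to any in via xl0\n"
    "00110 5100  950000 allow ip from any to any out via xl0\n",
    # Ruleset reloaded between polls: the counters started again from zero.
    "00100   12    9000 allow ip from any to any in via xl0\n"
    "00110   10    1500 allow ip from any to any out via xl0\n",
]
LINE = re.compile(r"^\s*(\d+)\s+(\d+)\s+(\d+)\s+\S")

def parse_ipfw_show(text):
    """Return {rule_number: byte_count}; lines without counters are skipped."""
    counters = {}
    for line in text.splitlines():
        m = LINE.match(line)
        if m:
            rule = int(m.group(1))
            # Several rules may share one number, so their bytes are summed.
            counters[rule] = counters.get(rule, 0) + int(m.group(3))
    return counters

def account(polls, rules, on_decrease, width=64):
    """Accumulate per-rule byte totals across successive polls.

    on_decrease="wrap" treats a smaller reading as a counter overflow (the
    failure the message warns about); "reset" treats it as a restart from 0.
    width=64 is an assumption about the size of the counter.
    """
    totals = {r: 0 for r in rules}
    last = {}
    for text in polls:
        now = parse_ipfw_show(text)
        for r in rules:
            cur = now.get(r, 0)
            if r not in last:
                pass                      # first reading is only a baseline
            elif cur >= last[r]:
                totals[r] += cur - last[r]
            elif on_decrease == "wrap":
                totals[r] += (1 << width) - last[r] + cur
            else:
                totals[r] += cur
            last[r] = cur
    return totals

if __name__ == "__main__":
    for mode in ("wrap", "reset"):
        print(mode, account(POLLS, (100, 110), mode))
```

In "wrap" mode the reload adds almost 2^64 bytes to each rule's total, while "reset" mode adds only the bytes counted since the reload.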
