From owner-freebsd-questions Wed Nov 8 16:03:35 1995 Return-Path: owner-questions Received: (from root@localhost) by freefall.freebsd.org (8.6.12/8.6.6) id QAA00184 for questions-outgoing; Wed, 8 Nov 1995 16:03:35 -0800 Received: from mulga.cs.mu.OZ.AU (mulga.cs.mu.OZ.AU [128.250.1.22]) by freefall.freebsd.org (8.6.12/8.6.6) with SMTP id QAA00177 for ; Wed, 8 Nov 1995 16:03:30 -0800 Received: by mulga.cs.mu.OZ.AU (5.83--+1.3.1+0.50); id AA07677 Thu, 9 Nov 1995 11:03:18 +1100 (from rdsgc) From: Gavin CAMERON Message-Id: <9511090003.7677@mulga.cs.mu.OZ.AU> Subject: Question about IP accounting in FreeBSD 2.0.5 To: questions@FreeBSD.org Date: Thu, 9 Nov 1995 11:03:16 +1100 (EST) X-Mailer: ELM [version 2.4 PL24 ME5a] Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Content-Length: 988 Sender: owner-questions@FreeBSD.org Precedence: bulk I have a question about IP accounting in the 2.0.5 FreeBSD kernel. I setup my accounting chain in the following way: ipfw adda single all from hostA to hostB via ppp0 ipfw adda single all from 0.0.0.0/0 to hostB via ppp0 What I want to be able to do is account for all traffic that IS NOT coming from hostA. Logically, the second rule should catch this. Here's my question. In FreeBSD once a packet matches one accounting rule is it matched against any other accounting rules? If it is, should it be? I say no. But there many be a very compelling reason why it is. It appears to me that the counters are updated for every accounting rule that the packet matches. So in the above example a packet coming from hostA will be caught by both rules, and we get double accounting for the packet. I can write scripts to get around the problem, but the implementation seems flawed. Can you put me in contact with the person who implemented this code. Gavin gavin@ormond.unimelb.edu.au