From owner-freebsd-net@FreeBSD.ORG  Mon Jun  3 15:40:06 2013
Return-Path: <owner-freebsd-net@FreeBSD.ORG>
Delivered-To: freebsd-net@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 by hub.freebsd.org (Postfix) with ESMTP id 75E79E02
 for <freebsd-net@freebsd.org>; Mon,  3 Jun 2013 15:40:06 +0000 (UTC)
 (envelope-from kudzu@tenebras.com)
Received: from mail-ob0-x230.google.com (mail-ob0-x230.google.com
 [IPv6:2607:f8b0:4003:c01::230])
 by mx1.freebsd.org (Postfix) with ESMTP id 46D451649
 for <freebsd-net@freebsd.org>; Mon,  3 Jun 2013 15:40:06 +0000 (UTC)
Received: by mail-ob0-f176.google.com with SMTP id v19so7284217obq.7
 for <freebsd-net@freebsd.org>; Mon, 03 Jun 2013 08:40:06 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=google.com; s=20120113;
 h=mime-version:in-reply-to:references:date:message-id:subject:from:to
 :cc:content-type:x-gm-message-state;
 bh=hq3SIoqIYfm+tWPhnmWuFRZRPtoaa4V3yAZQCAhb6Mc=;
 b=MDTI4fypuIlpqx7lXIPY7A1dFX/eUjAd5X4hDtOrInJPhT8pYV7CckK0u85eiF1INs
 OFkAAGNvxrhdN6fhCHOqgu3EW23Pc8FVTDF7klQW0aeDRn/oqZbUFvXj53GaVP9Ru+dL
 U2Dk/O6OURkqzU7yRDgTkXlsNjpnmhDx+bj2djvXvn9paeGwrff2IYgnSgnuJKR9g6T8
 3GCVFhS0Zb/DJsyK9W7OdeqeeE3VsJY7NQ+zrh6CjISoXYp84Yu46MlSZUVkUKigBSpo
 5pMajjiNTIC+OTOQ4tJE7wAWZhwyLRth+wFbmgsubpL2Cl4bvWbok8NzBZAsVmFvv/4y
 47EA==
MIME-Version: 1.0
X-Received: by 10.60.125.72 with SMTP id mo8mr10202145oeb.11.1370274005829;
 Mon, 03 Jun 2013 08:40:05 -0700 (PDT)
Received: by 10.60.35.132 with HTTP; Mon, 3 Jun 2013 08:40:05 -0700 (PDT)
In-Reply-To: <CAPS9+Su=uQG5-s7qmgeUSgnqJscyMhRqXuApo0mkV+qZWU8u0g@mail.gmail.com>
References: <CAPS9+Su=uQG5-s7qmgeUSgnqJscyMhRqXuApo0mkV+qZWU8u0g@mail.gmail.com>
Date: Mon, 3 Jun 2013 08:40:05 -0700
Message-ID: <CAHu1Y73JbFFDFeX0q+o1X_NK4hoqxg_qDL8E1E_wTdhBvbybeg@mail.gmail.com>
Subject: Re: ipfw and tablearg formatting
From: Michael Sierchio <kudzu@tenebras.com>
To: Andreas Nilsson <andrnils@gmail.com>
Content-Type: text/plain; charset=ISO-8859-1
X-Gm-Message-State: ALoCoQml7eqElgHyzHjkJDnCA30A3+IJNDNdPIIRHu0X7brXHmAapxxsV0K9MrUW780HtE5JtFen
Cc: FreeBSD Net <freebsd-net@freebsd.org>
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.14
Precedence: list
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/options/freebsd-net>,
 <mailto:freebsd-net-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-net>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Help: <mailto:freebsd-net-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
 <mailto:freebsd-net-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Mon, 03 Jun 2013 15:40:06 -0000

On Mon, Jun 3, 2013 at 4:43 AM, Andreas Nilsson <andrnils@gmail.com> wrote:
> Hello,
>
> Still trying out the tablearg functionality of ipfw and found the following:
>
> 1)
> # ipfw table 100 add 192.168.0.0/24 10.0.0.1
> # ipfw table 100 list
> 192.168.0.0/24 167772161
>
> I guess it is correct, but not user friendly. Can't the tablearg part be
> printed as normal dotted decimal?

No - it's an integer. The semantics of the table arg are up to you,
but it could be a rule number, used in a computed go to, as in

ipfw add 05000 skipto tablearg ip from any to me in recv em1 lookup src-ip 23

I use it to classify traffic based on country of origin.

> Another question: While using tablearg, is there a way to get statistics of
> each "individual" computed  value instead of just the aggregate statistics
> for all rules "generated" by the tablearg rule?

you can log where the target rule is executed, or have a count rule.

- M