From owner-freebsd-net@FreeBSD.ORG  Tue Jun  4 14:06:25 2013
Return-Path: <owner-freebsd-net@FreeBSD.ORG>
Delivered-To: freebsd-net@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 by hub.freebsd.org (Postfix) with ESMTP id 0996E538
 for <freebsd-net@freebsd.org>; Tue,  4 Jun 2013 14:06:25 +0000 (UTC)
 (envelope-from julian@freebsd.org)
Received: from vps1.elischer.org (vps1.elischer.org [204.109.63.16])
 by mx1.freebsd.org (Postfix) with ESMTP id D4A2C135C
 for <freebsd-net@freebsd.org>; Tue,  4 Jun 2013 14:06:24 +0000 (UTC)
Received: from jre-mbp.elischer.org
 (ppp121-45-237-17.lns20.per1.internode.on.net [121.45.237.17])
 (authenticated bits=0)
 by vps1.elischer.org (8.14.5/8.14.5) with ESMTP id r54E6En3041958
 (version=TLSv1/SSLv3 cipher=DHE-RSA-CAMELLIA256-SHA bits=256 verify=NO);
 Tue, 4 Jun 2013 07:06:17 -0700 (PDT)
 (envelope-from julian@freebsd.org)
Message-ID: <51ADF450.7010908@freebsd.org>
Date: Tue, 04 Jun 2013 22:06:08 +0800
From: Julian Elischer <julian@freebsd.org>
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.8;
 rv:17.0) Gecko/20130509 Thunderbird/17.0.6
MIME-Version: 1.0
To: Michael Sierchio <kudzu@tenebras.com>
Subject: Re: ipfw and tablearg formatting
References: <CAPS9+Su=uQG5-s7qmgeUSgnqJscyMhRqXuApo0mkV+qZWU8u0g@mail.gmail.com>
 <CAHu1Y73JbFFDFeX0q+o1X_NK4hoqxg_qDL8E1E_wTdhBvbybeg@mail.gmail.com>
In-Reply-To: <CAHu1Y73JbFFDFeX0q+o1X_NK4hoqxg_qDL8E1E_wTdhBvbybeg@mail.gmail.com>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Cc: FreeBSD Net <freebsd-net@freebsd.org>, Andreas Nilsson <andrnils@gmail.com>
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.14
Precedence: list
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/options/freebsd-net>,
 <mailto:freebsd-net-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-net>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Help: <mailto:freebsd-net-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
 <mailto:freebsd-net-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 04 Jun 2013 14:06:25 -0000

On 6/3/13 11:40 PM, Michael Sierchio wrote:
> On Mon, Jun 3, 2013 at 4:43 AM, Andreas Nilsson <andrnils@gmail.com> wrote:
>> Hello,
>>
>> Still trying out the tablearg functionality of ipfw and found the following:
>>
>> 1)
>> # ipfw table 100 add 192.168.0.0/24 10.0.0.1
>> # ipfw table 100 list
>> 192.168.0.0/24 167772161
>>
>> I guess it is correct, but not user friendly. Can't the tablearg part be
>> printed as normal dotted decimal?
> No - it's an integer. The semantics of the table arg are up to you,
> but it could be a rule number, used in a computed go to, as in

the only way to get this printed correctly would be for the printing 
routines to
keep enough state about the rules  using the table to be able to interpret
the tablearg according to how it was used. this would be a task that 
is way
more complicated than it is worth.

>
> ipfw add 05000 skipto tablearg ip from any to me in recv em1 lookup src-ip 23
>
> I use it to classify traffic based on country of origin.
>
>> Another question: While using tablearg, is there a way to get statistics of
>> each "individual" computed  value instead of just the aggregate statistics
>> for all rules "generated" by the tablearg rule?
> you can log where the target rule is executed, or have a count rule.
>
> - M
> _______________________________________________
> freebsd-net@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-net
> To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org"
>
>