From owner-freebsd-questions@FreeBSD.ORG Thu Aug 26 16:45:29 2010 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 8C9E91065694 for ; Thu, 26 Aug 2010 16:45:29 +0000 (UTC) (envelope-from gpeel@thenetnow.com) Received: from constellation.thenetnow.com (constellation.thenetnow.com [207.112.4.14]) by mx1.freebsd.org (Postfix) with ESMTP id 62A488FC0A for ; Thu, 26 Aug 2010 16:45:29 +0000 (UTC) Received: from hpeel.ody.ca ([216.240.12.2] helo=GRANTPC) by constellation.thenetnow.com with esmtpa (Exim 4.69 (FreeBSD)) (envelope-from ) id 1OofZj-000Bex-A4 for freebsd-questions@freebsd.org; Thu, 26 Aug 2010 12:45:15 -0400 Message-ID: <3055827D2E3346A49D6D44F7F71D7EA3@GRANTPC> From: "Grant Peel" To: Date: Thu, 26 Aug 2010 12:45:27 -0400 MIME-Version: 1.0 Content-Type: text/plain; format=flowed; charset="iso-8859-1"; reply-type=original Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2900.5843 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.5579 X-Mailman-Approved-At: Thu, 26 Aug 2010 16:56:31 +0000 Subject: IPFW and ipa X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 26 Aug 2010 16:45:29 -0000 Hi all, Since FreeBSD 4.4, I have been using ipa(1.3.6) to do bandwidth accounting. Since upgrading to FreeBSD 8, I now get log messages saying that the ipfw rules do not exist: Example (one example of hundreds doing the same thing): Aug 26 07:32:59 constellation ipa[2940]: rule rulename.ipa: 10017.0 doesn't exist in IPFW kernel table Aug 26 07:32:59 constellation ipa[2940]: rule rulename.ipa: 10017.1 doesn't exist in IPFW kernel table The ipfw rule does exist: #ipfw -a list 10017 4826 4903117 count ip from nnn.nnn.nnn.nnn to any via bge0 10017 4233 655962 count ip from any to nnn.nnn.nnn.nnn via bge0 The /usr/local/etc/ipa.conf rule looks like so: rule rulename.ipa { ipfw = 10017 10017.1 info = rulename bandwidth } The ipa database is empty: constellation# ipastat -r rulename.ipa +---------------------+---------------------------+---------------------+---------------------+ | Rule | Info | From | To | +---------------------+---------------------------+---------------------+---------------------+ | rulename.ipa | rulename bandwidth | 2010.08.01/00:00:00 | 2010.08.31/24:00:00 | +---------------------+---------------------------+---------------------+---------------------+ +------------+-------+--------+ | Date | Bytes | Mbytes | +------------+-------+--------+ | 2010.08.01 | 0 | 0 | | 2010.08.02 | 0 | 0 | | 2010.08.03 | 0 | 0 | | 2010.08.04 | 0 | 0 | | 2010.08.05 | 0 | 0 | | 2010.08.06 | 0 | 0 | | 2010.08.07 | 0 | 0 | | 2010.08.08 | 0 | 0 | | 2010.08.09 | 0 | 0 | | 2010.08.10 | 0 | 0 | | 2010.08.11 | 0 | 0 | | 2010.08.12 | 0 | 0 | | 2010.08.13 | 0 | 0 | | 2010.08.14 | 0 | 0 | | 2010.08.15 | 0 | 0 | | 2010.08.16 | 0 | 0 | | 2010.08.17 | 0 | 0 | | 2010.08.18 | 0 | 0 | | 2010.08.19 | 0 | 0 | | 2010.08.20 | 0 | 0 | | 2010.08.21 | 0 | 0 | | 2010.08.22 | 0 | 0 | | 2010.08.23 | 0 | 0 | | 2010.08.24 | 0 | 0 | | 2010.08.25 | 0 | 0 | | 2010.08.26 | 0 | 0 | +------------+-------+--------+ | | 0 | 0 | +------------+-------+--------+ * 26 days * Has something changed in ipfw that no longer allows the .0 and .1 part? Does anyone know of a fix or workaround? -Grant