Date: Thu, 26 Jun 2003 22:56:56 -0700 From: Luigi Rizzo <rizzo@icir.org> To: Robert Watson <rwatson@freebsd.org> Cc: Adam <blueeskimo@gmx.net> Subject: Re: Bandwidth monitoring Message-ID: <20030626225656.A79716@xorpc.icir.org> In-Reply-To: <Pine.NEB.3.96L.1030626190216.67803B-100000@fledge.watson.org>; from rwatson@freebsd.org on Thu, Jun 26, 2003 at 07:05:57PM -0400 References: <Pine.BSF.4.21.0306261555530.12070-100000@InterJet.elischer.org> <Pine.NEB.3.96L.1030626190216.67803B-100000@fledge.watson.org>
index | next in thread | previous in thread | raw e-mail
On Thu, Jun 26, 2003 at 07:05:57PM -0400, Robert Watson wrote:
...
> > that an ISP is likely to charge for and have the tables 'reaped every
> > now and then by a daemon to give a time dimension to the data..
>
> Well, the case that this code was designed for was passive monitoring of
> many IPs over many systems (some of which have a large number of IP
> addresses, each to be separately billed). I also wanted to specifically
> disqualify local traffic between the hosts, since that wasn't part of the
> billing structure. You could certainly implement this using ipfw
> accounting, but only if you wanted to add one firewall rule for each
> matching case of interest (since we needed to separately measure), and you
just for the records, you can do counting on a per-host basis with
a single ipfw rule, using dummynet pipes:
... rules to remove undesired traffic...
ipfw add pipe 1 ip from ${my_subnet} to not ${my_subnet} in
ipfw pipe 1 config mask src-ip 0xffffffff
sysctl net.inet.ip.dummynet.expire=0
This of course requires that the traffic you are interested in
flows through the box where you are running the above ipfw config.
cheers
luigi
home |
help
Want to link to this message? Use this
URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20030626225656.A79716>