From owner-freebsd-questions Wed Jan 31 22: 5:13 2001 Delivered-To: freebsd-questions@freebsd.org Received: from xs4some.net (CC4140-a.sneek1.fr.nl.home.com [212.120.108.75]) by hub.freebsd.org (Postfix) with ESMTP id BEA5B37B698 for ; Wed, 31 Jan 2001 22:04:55 -0800 (PST) Received: by xs4some.net (Postfix, from userid 1000) id 64BFC2C90F; Thu, 1 Feb 2001 07:04:54 +0100 (CET) From: Fenix To: Sam Wun Subject: Re: packets in ipmon Date: Thu, 1 Feb 2001 07:04:54 +0100 X-Mailer: KMail [version 1.1.99] Content-Type: text/plain; charset="us-ascii" References: <00c901c08a66$5f1ce3c0$0101a8c0@pavilion> <01020100222100.11584@xs4some.net> <3A78FB23.3C441BDB@esec.com.au> In-Reply-To: <3A78FB23.3C441BDB@esec.com.au> Cc: freebsd-questions@freebsd.org MIME-Version: 1.0 Message-Id: <01020107045404.00362@xs4some.net> Content-Transfer-Encoding: 8bit Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG I don't know if ipmon nativly supports what you need but if you run ipmon as a daemon and let it log to a log file then you can just "tail -f /var/log/ipf.log | grep ip_you_want_to_see" , or something like that you can enable ipmon from rc.conf ipmon_enable="yes", ipmon_flags="-D /var/log/ipf.log" also chek /etc/defaults/rc.conf for possible ipf ipnat options and ipmon man page On Thursday 01 February 2001 06:58, you wrote: > Is it always a single packet in the ipmon blocked msg? If I want to know a > how many packets has been blocked to a destination ip address, I will need > to add up all the blocked msg to this destination ip address. the ipstat > only shows the total packets (for all addresses) that has been blocked by > ipmon > > Thanks Sam > > Fenix wrote: > > The line you include in your mail just shows a single packet that has > > been blocked > > use ipfstat to see details about blocket packets etcetra > > tpi: instll ports/misc/display and use it like #display -1 ipfstat > > > > Greets Fenix > > > > On Wednesday 31 January 2001 23:28, you wrote: > > > Hi, > > > > > > I am wondering which part of the output from ipmon message indicate > > > number of packets has been blocked? for example: > > > > > > Feb 1 09:25:14 swun ipmon[55]: 09:25:14.540972 dc0 @0:18 b > > > 203.21.85.29,631 -> 203.21.85.255,631 PR udp len 20 34816 IN > > > > > > Thanks > > > Sam -- If you have to hate, hate gently .... To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message