From owner-freebsd-questions@FreeBSD.ORG Thu Jan 29 15:20:48 2009 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id A03AD106567D for ; Thu, 29 Jan 2009 15:20:48 +0000 (UTC) (envelope-from fbsd.questions@rachie.is-a-geek.net) Received: from mail.rachie.is-a-geek.net (rachie.is-a-geek.net [66.230.99.27]) by mx1.freebsd.org (Postfix) with ESMTP id 71C978FC23 for ; Thu, 29 Jan 2009 15:20:48 +0000 (UTC) (envelope-from fbsd.questions@rachie.is-a-geek.net) Received: from localhost (mail.rachie.is-a-geek.net [192.168.2.101]) by mail.rachie.is-a-geek.net (Postfix) with ESMTP id E7F79AFBCCB; Thu, 29 Jan 2009 06:20:47 -0900 (AKST) From: Mel To: freebsd-questions@freebsd.org Date: Thu, 29 Jan 2009 06:20:47 -0900 User-Agent: KMail/1.9.10 References: <4981A577.6090002@gmail.com> In-Reply-To: <4981A577.6090002@gmail.com> MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit Content-Disposition: inline Message-Id: <200901290620.47704.fbsd.questions@rachie.is-a-geek.net> Cc: Gunther Mayer Subject: Re: Saving pf state for accounting X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 29 Jan 2009 15:20:49 -0000 On Thursday 29 January 2009 03:47:51 Gunther Mayer wrote: > That's all fair and well but I lose all that lovely accounting > information upon reboot so how do I go about saving this? I've googled > quite a bit to look for a solution but have found nothing useful so far, > just unanswered posts in the past. The package of choice for traffic accounting is radius. That said, it's probably more work to set up initially then hacking the rc script, if you don't need it's authentication facilities. > From what I can tell so far I'd have to write a custom rc script which > redirects "pfctl -sl" into some sort of logfile which then may be > retrieved at a later stage (and added to current counter output). Is > there an easier way perhaps? Not that I can see, especially since for completeness, you'd have to hack the actual /etc/rc.d/pf, because statistics are reset upon rule reload. -- Mel Problem with today's modular software: they start with the modules and never get to the software part.