From owner-freebsd-questions  Sat Jan 25  9:10:18 2003
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 5982137B401
	for <freebsd-questions@freebsd.org>; Sat, 25 Jan 2003 09:10:17 -0800 (PST)
Received: from samson.sentinelchicken.net (h-64-105-205-76.CMBRMAOR.covad.net [64.105.205.76])
	by mx1.FreeBSD.org (Postfix) with SMTP id 489C243E4A
	for <freebsd-questions@freebsd.org>; Sat, 25 Jan 2003 09:10:16 -0800 (PST)
	(envelope-from jwm@sentinelchicken.net)
Received: (qmail 7935 invoked by uid 1000); 25 Jan 2003 17:11:13 -0000
Date: Sat, 25 Jan 2003 12:11:13 -0500
From: Jason Morgan <jwm-freebsd@sentinelchicken.net>
To: Frank.Reppin@boerde.de, freebsd-questions@freebsd.org
Subject: Re: monitoring traffic with IPFW - good idea?
Message-ID: <20030125171113.GB7778@sentinelchicken.net>
References: <20030125160751.GB7622@sentinelchicken.net> <Pine.LNX.4.44.0301251734180.795-100000@relay.boerde.de>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <Pine.LNX.4.44.0301251734180.795-100000@relay.boerde.de>
User-Agent: Mutt/1.4i
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-questions.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-questions>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-questions>
X-Loop: FreeBSD.ORG

Thanks, that's what I wanted to hear.

Jason



On Sat, Jan 25, 2003 at 05:46:28PM +0100, Frank Reppin wrote:
> On Sat, 25 Jan 2003, Jason Morgan wrote:
> 
> Hi,
> 
> yes - why not. I do the same here on our net with IPFW count
> rules. In this way I divided those rules to monitor different
> subnets, protocols and I also monitor the bandwidth usage
> for some services. All this informations gets then piped
> through MRTG (www.mrtg.org) and produces some nice graphs - showing
> the used bandwidth.
> On the other hand it might be enough for you, if you only see
> what actually happened by watching the rules manually - in other
> words - get the output mailed from time to time.
> 
> Maybe someone has a clue, if a lot of count rules (I mean really lots
> of them) have any 'bad' side effects on performance. So far I don't
> see problems with around 80 rules on PII400/128MB counting traffic
> from/to upstream (2.3Mbit/s) via 100MBit/s interfaces in this box.
> I think of doing accounting here for a /22 net (atm this is done
> by a linux box with ipac).
> 
> Best regards,
> 
> Frank Reppin
> 
> -- 
> Heidestr. 15
> 39112 Magdeburg
> Germany
> 

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message