Date: Wed, 18 May 2005 12:36:45 -0700
From: Jon Simola <jsimola@gmail.com>
To: KrzychK2 <krzychk2@o2.pl>, freebsd-isp@freebsd.org
Subject: Re: Re[2]: Net statistics for single user
Message-ID: <8eea04080505181236722f2fbe@mail.gmail.com>
In-Reply-To: <731745783.20050518153546@o2.pl>
References: <43330830.20050517234412@o2.pl> <8eea04080505171520f2b19ae@mail.gmail.com> <731745783.20050518153546@o2.pl>

On 5/18/05, KrzychK2 <krzychk2@o2.pl> wrote:
> Well, maybe this is a good solution, but how will making 200 tables
> affect the capacity of pf?

200 tables will have very little effect. Here's another example from
my live 5.3-STABLE router running pf:

    table <vlan100_ips> persist file "/etc/pf/vlan100_ips"
    pass in on vlan100 from <vlan100_ips> to any keep state
    pass out on vlan100 from any to <vlan100_ips> keep state

That table has 2024 IPs in it, and collects traffic statistics for
each IP. I'm not sure why you'd need 200 tables, I only use one or two
per interface. At least one of the OpenBSD guys has the entire 1.4
million entry SBL loaded as a single table with pf.

That is almost exactly the same as what I still do with ipfw and
dummynet (pre ipfw tables):

    ipfw pipe 1 config mask src-ip 0xffffffff buckets 512
    ipfw pipe 2 config mask dst-ip 0xffffffff buckets 512
    ipfw add 32001 pipe 1 src-ip x.x.x.0/24 bridged
    ipfw add 32002 pipe 2 dst-ip x.x.x.0/24 bridged

and then read the counters with "ipfw pipe show".

Both methods required some perl scripting to read the counters and
insert the results in a database, per-ip, giving me the ability to
graph and summarize customer traffic in 5 minute intervals.

-- 
Jon Simola
Systems Administrator
ABC Communications
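
The per-IP counter collection described in the message above, as an added example that is not part of the original e-mail and not the author's Perl scripts: it parses the verbose per-address output of `pfctl -t vlan100_ips -T show -v` and computes byte deltas between two polls, treating a changed `Cleared` stamp or a counter that went backwards as a restart from zero. The sample output is constructed, and the function names are hypothetical.

```python
import re
# Constructed sample in the layout printed by `pfctl -t vlan100_ips -T show -v`
# (documentation-range addresses, made-up counters).
SAMPLE = """\
   192.0.2.10
    Cleared:     Wed May 18 12:00:00 2005
    In/Block:    [ Packets: 0        Bytes: 0        ]
    In/Pass:     [ Packets: 1200     Bytes: 900000   ]
    Out/Block:   [ Packets: 3        Bytes: 180      ]
    Out/Pass:    [ Packets: 1500     Bytes: 2100000  ]
   192.0.2.11
    Cleared:     Wed May 18 12:00:00 2005
    In/Block:    [ Packets: 0        Bytes: 0        ]
    In/Pass:     [ Packets: 10       Bytes: 640      ]
    Out/Block:   [ Packets: 0        Bytes: 0        ]
    Out/Pass:    [ Packets: 8        Bytes: 512      ]
"""

COUNTER = re.compile(r"^\s+(In|Out)/(Block|Pass):\s+\[ Packets:\s*(\d+)\s+Bytes:\s*(\d+)\s*\]")
CLEARED = re.compile(r"^\s+Cleared:\s+(.+?)\s*$")

def parse_table(text):
    """Map each address to its 'cleared' stamp and (packets, bytes) counters."""
    stats, current = {}, {}  # lines seen before the first address are discarded
    for line in text.splitlines():
        if m := COUNTER.match(line):
            current[f"{m[1]}_{m[2]}".lower()] = (int(m[3]), int(m[4]))
        elif c := CLEARED.match(line):
            current["cleared"] = c[1]
        elif line.strip():  # any other non-blank line starts a new address
            current = stats.setdefault(line.strip(), {})
    return stats

def interval_bytes(prev, curr):
    """Passed bytes per address since the previous poll, tolerating restarts."""
    usage = {}
    for addr, now in curr.items():
        old = prev.get(addr, {})
        # New address or changed "Cleared" stamp: counters restarted from zero.
        reset = old.get("cleared") != now.get("cleared")
        usage[addr] = {}
        for key in ("in_pass", "out_pass"):
            base = 0 if reset else old.get(key, (0, 0))[1]
            total = now.get(key, (0, 0))[1]
            usage[addr][key] = total - base if total >= base else total
    return usage

if __name__ == "__main__":
    print(interval_bytes({}, parse_table(SAMPLE)))
```

Feeding `interval_bytes` the parsed output of two consecutive polls yields the per-address figures to store for each 5 minute interval.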