Date: Sat, 22 Jan 2005 16:29:54 -0500 From: "The Jetman" <jetman@mycbc.com> To: "FBSD IPFW" <freebsd-ipfw@freebsd.org> Subject: About Network Accounting Message-ID: <009501c500c9$951efe30$7300a8c0@EAGLE>
next in thread | raw e-mail | index | archive | help
Recently, there was a little thread about network accounting via IPFW and
was curious about the efficacy of my own solution.
#### x.y.z.14
${ipfw} add pipe 7 ip from x.y.z.14 to any
${ipfw} pipe 7 config bw 1024Kbit/s queue 50
${ipfw} add pipe 8 ip from any to x.y.z.14
${ipfw} pipe 8 config bw 1024Kbit/s queue 50
####
I setup a series of rules for each of a series of real IPs, similar to those
shown above, to cap bwidth usage and to provide a series of byte counters that
could be captured hourly. This box was a bridge bet the client's internal net
and their T1. My CRON job would sit on the working side of a pipe from the
'ipfw -a list' command, then parse each rule for the inbound then outbound
byte/packet count. Each inbound/outbound count was then inserted into a SQL
UPDATE stmt for each IP. Any IP w/o a set of rules as shown above, would be
explicitly inhibited w/ IPFW rules.
I inquire bet I've seen a couple of other approaches and was curious if my
approach makes sense. BTW, I'm not asking for a solution, nor am I asking for
code to complete a project. My code (in Python) is written, is stable, and
appears to deliver the desired results.
TIA. Later....Jet
=============== From the desk of Jethro Wright, III ================
+ Beer is proof that God loves us and wants us to be happy. -
============================================== Benjamin Franklin ===
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?009501c500c9$951efe30$7300a8c0>