From: "The Jetman"
To: "FBSD IPFW"
Date: Sat, 22 Jan 2005 16:29:54 -0500
Subject: About Network Accounting

Recently, there was a little thread about network accounting via IPFW and I was curious about the efficacy of my own solution.

#### x.y.z.14
${ipfw} add pipe 7 ip from x.y.z.14 to any
${ipfw} pipe 7 config bw 1024Kbit/s queue 50
${ipfw} add pipe 8 ip from any to x.y.z.14
${ipfw} pipe 8 config bw 1024Kbit/s queue 50
####

I set up a series of rules for each of a series of real IPs, similar to those shown above, to cap bwidth usage and to provide a series of byte counters that could be captured hourly.
This box was a bridge between the client's internal net and their T1. My CRON job would sit on the working side of a pipe from the 'ipfw -a list' command, then parse each rule for the inbound then outbound byte/packet count. Each inbound/outbound count was then inserted into a SQL UPDATE stmt for each IP. Any IP w/o a set of rules as shown above would be explicitly inhibited w/ IPFW rules.

I inquire because I've seen a couple of other approaches and was curious if my approach makes sense. BTW, I'm not asking for a solution, nor am I asking for code to complete a project. My code (in Python) is written, is stable, and appears to deliver the desired results.

TIA. Later....Jet

=============== From the desk of Jethro Wright, III ================
+ Beer is proof that God loves us and wants us to be happy.        -
============================================== Benjamin Franklin ===
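The hourly capture described in the message above, sketched as an added example (this is not the poster's code): it parses `ipfw -a list` output for the per-IP pipe rules, turns the cumulative byte counters into per-hour deltas that survive a counter reset, and stores them with bound SQL parameters. The sample output, the 192.0.2.x addresses, the `usage` table and the use of sqlite3 in place of the poster's database are all assumptions made for the example.

```python
import re
import sqlite3

# Constructed sample of `ipfw -a list` output: rule number, packets, bytes, rule body.
SAMPLE = """\
00100   1500   900000 pipe 7 ip from 192.0.2.14 to any
00200   2100  2400000 pipe 8 ip from any to 192.0.2.14
00300     10      640 pipe 9 ip from 192.0.2.15 to any
65535     42     3000 deny ip from any to any
"""

RULE = re.compile(r"^\s*\d+\s+(\d+)\s+(\d+)\s+pipe\s+\d+\s+ip\s+from\s+(\S+)\s+to\s+(\S+)\s*$")

def parse_counters(text):
    """Return {ip: {"sent": bytes, "received": bytes}} from the per-IP pipe rules."""
    usage = {}
    for line in text.splitlines():
        m = RULE.match(line)
        if not m:
            continue  # rules that are not per-IP pipes carry no accounting here
        _pkts, nbytes, src, dst = m.groups()
        if (src == "any") == (dst == "any"):
            continue  # need exactly one concrete address to attribute the bytes
        ip, key = (dst, "received") if src == "any" else (src, "sent")
        usage.setdefault(ip, {"sent": 0, "received": 0})[key] += int(nbytes)
    return usage

def delta(prev, cur):
    """Counters are cumulative; if one went backwards it was zeroed, so count from 0."""
    return cur - prev if cur >= prev else cur

def record(conn, hour, usage, last):
    """Store per-hour deltas with bound parameters; `last` maps ip -> previous totals."""
    conn.execute("CREATE TABLE IF NOT EXISTS usage (ip TEXT, hour TEXT, "
                 "sent INTEGER, received INTEGER, PRIMARY KEY (ip, hour))")
    for ip, now in usage.items():
        before = last.get(ip, {"sent": 0, "received": 0})
        conn.execute("INSERT OR REPLACE INTO usage VALUES (?, ?, ?, ?)",
                     (ip, hour, delta(before["sent"], now["sent"]),
                      delta(before["received"], now["received"])))
        last[ip] = now
    conn.commit()

if __name__ == "__main__":
    db = sqlite3.connect(":memory:")
    record(db, "2005-01-22T21", parse_counters(SAMPLE), {})
    print(db.execute("SELECT * FROM usage ORDER BY ip").fetchall())
```

A counter that goes backwards between two captures (after `ipfw zero` or a reboot) is treated as restarted, so bytes counted between the last capture and the reset are not recoverable from the counters alone.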