From owner-freebsd-pf@FreeBSD.ORG  Fri Mar 18 08:36:27 2005
Return-Path: <owner-freebsd-pf@FreeBSD.ORG>
Delivered-To: freebsd-pf@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 9B5A616A4CE
	for <freebsd-pf@freebsd.org>; Fri, 18 Mar 2005 08:36:27 +0000 (GMT)
Received: from rproxy.gmail.com (rproxy.gmail.com [64.233.170.207])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 2B7E343D48
	for <freebsd-pf@freebsd.org>; Fri, 18 Mar 2005 08:36:27 +0000 (GMT)
	(envelope-from dinzdale@gmail.com)
Received: by rproxy.gmail.com with SMTP id j1so67282rnf
        for <freebsd-pf@freebsd.org>; Fri, 18 Mar 2005 00:36:26 -0800 (PST)
DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws;
	s=beta; d=gmail.com;
	h=received:message-id:date:from:reply-to:to:subject:mime-version:content-type:content-transfer-encoding;
	b=PdF9woPS97RYmFjBbhGcGBwoqoYDSuKbS+99H1xKyhpADJ/xv5rgs3mdsHssfh2DFqLq/C84S4ixjoTD0WBkPTyMgq3k7NWsVGYqu1QFDawJXccyMLMgrFtEAscjqeE9T7JDsrtLKUDeU8mlL4cLWBb266FUd1QOvvKcu/pC76o=
Received: by 10.38.75.78 with SMTP id x78mr2552750rna;
        Fri, 18 Mar 2005 00:36:26 -0800 (PST)
Received: by 10.38.11.55 with HTTP; Fri, 18 Mar 2005 00:36:26 -0800 (PST)
Message-ID: <ee918c7805031800363fed881e@mail.gmail.com>
Date: Fri, 18 Mar 2005 10:36:26 +0200
From: stephen <dinzdale@gmail.com>
To: freebsd-pf@freebsd.org
Mime-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
Subject: traffic accounting
X-BeenThere: freebsd-pf@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
Reply-To: stephen <dinzdale@gmail.com>
List-Id: Technical discussion and general questions about packet filter (pf)
	<freebsd-pf.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-pf>,
	<mailto:freebsd-pf-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-pf>
List-Post: <mailto:freebsd-pf@freebsd.org>
List-Help: <mailto:freebsd-pf-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-pf>,
	<mailto:freebsd-pf-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 18 Mar 2005 08:36:27 -0000

Hi all,


Having a little difficulty regarding traffic counting.

I have a macro ($soh) with about 30 IPs in it.. The first problem I
was having was that:
  pass out on $ext_if from $soh to any keep state label "$srcaddr:: "
was not passing traffic. (nat changing source address before reaching
filtering rules)

Someone then recommended having the following instead:
  pass in  on $int_if from $soh to any keep state label "$srcaddr:: "
  pass out on $ext_if from any to any keep state label "total::  "

which is now letting traffic out with the pass out rule, but the pass
in rule is not counting traffic... whenever doing "pftcl -sl" I can
see the "total::" label rising as more bandwidth is used, but all the
other labels for all the private IPs remain on zero.

Could someone possibly help rectify this?
(they are also the last rules in the ruleset so the "last match wins"
is correct)

Thanks
Stephen