Date: Sun, 18 Dec 2005 22:46:08 +0100 From: Frank Steinborn <frank@ircnow.org> To: freebsd-questions@freebsd.org Subject: Re: Compacting the "pf -v -s rules" output similar to "ipfstat -ionh" Message-ID: <20051218214608.GA92198@scott.blazing.de> In-Reply-To: <20051218213501.GA72282@holestein.holy.cow> References: <20051218213501.GA72282@holestein.holy.cow>
next in thread | previous in thread | raw e-mail | index | archive | help
[-- Attachment #1 --] Parv wrote: > I am currently trying pf instead of ipf; rules were brought over > easily besides the user errors. I am still in the process of to be at > ease w/ pf logging & statistics. > > Before i write it myself, has anybody got a already prepared way to > compact the "pfctl -v -s rules" output ... > > pass in on lo0 all > [ Evaluations: 22188 Packets: 10925 Bytes: 8392463 States: 0 ] > pass out on lo0 all > [ Evaluations: 21850 Packets: 10925 Bytes: 8392463 States: 0 ] > block drop in on em0 all > [ Evaluations: 22188 Packets: 6 Bytes: 360 States: 0 ] > block drop in quick on em0 inet proto tcp from 192.168.2.0/24 to any port 137:139 > [ Evaluations: 19 Packets: 0 Bytes: 0 States: 0 ] > > > ... to something like ... > > 22188 pass in on lo0 all > 21850 pass out on lo0 all > 22188 block drop in on em0 all > 19 block drop in quick on em0 inet proto tcp from 192.168.2.0/24 to any port 137:139 Don't use -v, just pfctl -s rules. That, however, won't give you a number of packets/bytes passed to the rules. Frank [-- Attachment #2 --] -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2 (FreeBSD) iD8DBQFDpdigK0akcUHxdB0RAnRWAKCUk0X6RCVw+8mO0NQJWy+L/7IEqACghDxY ZrkO6/9QUSTPS6wFH/J2HlM= =lKKr -----END PGP SIGNATURE-----
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20051218214608.GA92198>