From owner-freebsd-pf@freebsd.org Fri Jun 26 11:56:58 2020 Return-Path: Delivered-To: freebsd-pf@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 3E5D2355F8F for ; Fri, 26 Jun 2020 11:56:58 +0000 (UTC) (envelope-from ozkan.kirik@gmail.com) Received: from mail-ua1-x936.google.com (mail-ua1-x936.google.com [IPv6:2607:f8b0:4864:20::936]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "smtp.gmail.com", Issuer "GTS CA 1O1" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 49tb2w3vmqz4Wl6 for ; Fri, 26 Jun 2020 11:56:55 +0000 (UTC) (envelope-from ozkan.kirik@gmail.com) Received: by mail-ua1-x936.google.com with SMTP id u6so151199uau.8 for ; Fri, 26 Jun 2020 04:56:55 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:from:date:message-id:subject:to; bh=w3oY2rXh6UFjlPyYf5SgeJ4uJxJH6dfIM0jQYZw/imk=; b=UarZx4kutbcR5yLrAiOerYwijwe2kUjgMfEMQSJ+y34u29CekBX046xBEEaDAlttsS ZDRhyx0wy7km9NsSFtskJK6EMHl51vgwkWzNuvSEc/Yv3Dtkqq1hPUCZKD+NXH0s3Ngq /LQYqzhD2e2ATwXUxHm8lv26YsKBtulC14j2wfj+JXccMB6Q3I3XDmHT+99YNej98CzA zhVo6OccWoz9O8RzBSAn5Ha+ZUNtyiD0P7fM4GzO68GNqujdNZZpcA3N0oNt8AXRJwtV 1H7YZhebIwswIjLM/BrTZ+m0PpcDRPLMCe8PgU0+FVh2au6oIWHpp/tJUjx85dFGOmji 8pDw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:from:date:message-id:subject:to; bh=w3oY2rXh6UFjlPyYf5SgeJ4uJxJH6dfIM0jQYZw/imk=; b=QT2XzskxBDV7h78wsvuvhr5Uxg+ShucQlJ0uVV2UyFXaQ4PjhyXPXdmfTYXH8/3pq6 map2+B4ooRh+HLxcJY1+4O0OfKGl+A/bYNHPbWe3Z210eerZ0650tsNhfY2a41s5lfuz OoGUdlNrV6j8qB5D3e7WmRa9rfs4q9/BXV2HWAC/JGuiAiU/JmI6FZbi7aKSe3Y8k9eu xvRnfCMcziY2Wj9qszVWNAGUzKwvvDp51JloSBAW4fktKvPVcasg1uv226UKTDggi8+y MFMmDq4mS/MHKjwZXAchbltibMW9Ef746ihZz8yeC37J4rSP4X9WvrjSfBFChHukvONe wwoQ== X-Gm-Message-State: AOAM530y2wTF2rRwxgn4uqUOtniVsAiUepLNcQoRGtQGDKPkYgdkovLl 7qi95xxN8qEP+Z7K+qDbSdiqhY2NnFr+WowQyB/ALvng X-Google-Smtp-Source: ABdhPJy7t9wg6GtPiqqniT0WdbCb8qCH/BiIyEnUrPJJ/ifDSLrwizPIafFbBenPBmATr+ps1GUlvQSNiykm5ygfkq0= X-Received: by 2002:ab0:36a6:: with SMTP id v6mr1807195uat.62.1593172612458; Fri, 26 Jun 2020 04:56:52 -0700 (PDT) MIME-Version: 1.0 From: =?UTF-8?B?w5Z6a2FuIEtJUklL?= Date: Fri, 26 Jun 2020 14:56:46 +0300 Message-ID: Subject: pf - state counter tracking like pfsync To: freebsd-pf@freebsd.org X-Rspamd-Queue-Id: 49tb2w3vmqz4Wl6 X-Spamd-Bar: -- Authentication-Results: mx1.freebsd.org; dkim=pass header.d=gmail.com header.s=20161025 header.b=UarZx4ku; dmarc=pass (policy=none) header.from=gmail.com; spf=pass (mx1.freebsd.org: domain of ozkankirik@gmail.com designates 2607:f8b0:4864:20::936 as permitted sender) smtp.mailfrom=ozkankirik@gmail.com X-Spamd-Result: default: False [-2.65 / 15.00]; ARC_NA(0.00)[]; NEURAL_HAM_MEDIUM(-1.00)[-1.001]; R_DKIM_ALLOW(-0.20)[gmail.com:s=20161025]; RCVD_TLS_ALL(0.00)[]; FROM_HAS_DN(0.00)[]; DWL_DNSWL_NONE(0.00)[gmail.com:dkim]; R_SPF_ALLOW(-0.20)[+ip6:2607:f8b0:4000::/36:c]; FREEMAIL_FROM(0.00)[gmail.com]; MIME_GOOD(-0.10)[multipart/alternative,text/plain]; PREVIOUSLY_DELIVERED(0.00)[freebsd-pf@freebsd.org]; TO_DN_NONE(0.00)[]; RCPT_COUNT_ONE(0.00)[1]; NEURAL_HAM_LONG(-1.02)[-1.023]; TO_MATCH_ENVRCPT_ALL(0.00)[]; DKIM_TRACE(0.00)[gmail.com:+]; DMARC_POLICY_ALLOW(-0.50)[gmail.com,none]; RCVD_IN_DNSWL_NONE(0.00)[2607:f8b0:4864:20::936:from]; NEURAL_HAM_SHORT(-0.26)[-0.255]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+,1:+,2:~]; FREEMAIL_ENVFROM(0.00)[gmail.com]; ASN(0.00)[asn:15169, ipnet:2607:f8b0::/32, country:US]; TAGGED_FROM(0.00)[]; R_MIXED_CHARSET(0.62)[subject]; RCVD_COUNT_TWO(0.00)[2] Content-Type: text/plain; charset="UTF-8" X-Content-Filtered-By: Mailman/MimeDel 2.1.33 X-BeenThere: freebsd-pf@freebsd.org X-Mailman-Version: 2.1.33 Precedence: list List-Id: "Technical discussion and general questions about packet filter \(pf\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 26 Jun 2020 11:56:58 -0000 Hi, My goal is save pkt/byte counters of each expired/killed/closed states into a txt file. What is the right way to do this in userspace ? Is it possible to do something with ioctl & poll ? Alternatively is it possible to create multiple pfsync interfaces, first one for real purpose to send state changes to slave host, the second one for sending this log collect process lo1? Following lines prevents cloning second pfsync interface: /usr/src/sys/netpfil/pf/if_pfsync.c on line 331 (pfsync_clone_create function) if (unit != 0) return (EINVAL); If I remove these lines, do I hit any error ? Best regards, Thanks