From owner-freebsd-net@FreeBSD.ORG Sun Jun 18 14:21:24 2006 Return-Path: X-Original-To: freebsd-net@freebsd.org Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id BF73816A47A for ; Sun, 18 Jun 2006 14:21:24 +0000 (UTC) (envelope-from cswiger@mac.com) Received: from pi.codefab.com (pi.codefab.com [199.103.21.227]) by mx1.FreeBSD.org (Postfix) with ESMTP id 63F6143D45 for ; Sun, 18 Jun 2006 14:21:24 +0000 (GMT) (envelope-from cswiger@mac.com) Received: from localhost (localhost [127.0.0.1]) by pi.codefab.com (Postfix) with ESMTP id 9AD875DF9; Sun, 18 Jun 2006 10:21:23 -0400 (EDT) X-Virus-Scanned: amavisd-new at codefab.com Received: from pi.codefab.com ([127.0.0.1]) by localhost (pi.codefab.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id OFZKm90Nz6qG; Sun, 18 Jun 2006 10:21:22 -0400 (EDT) Received: from [192.168.1.251] (pool-68-160-201-170.ny325.east.verizon.net [68.160.201.170]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by pi.codefab.com (Postfix) with ESMTP id 9FEE95D3A; Sun, 18 Jun 2006 10:21:22 -0400 (EDT) Message-ID: <4495615E.3050604@mac.com> Date: Sun, 18 Jun 2006 10:21:18 -0400 From: Chuck Swiger User-Agent: Thunderbird 1.5.0.4 (Windows/20060516) MIME-Version: 1.0 To: "Roger T. Harvey" References: <4495530f.265f68ff.360d.48fa@mx.gmail.com> In-Reply-To: <4495530f.265f68ff.360d.48fa@mx.gmail.com> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Cc: freebsd-net@freebsd.org Subject: Re: Simple LAN IP accounting X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 18 Jun 2006 14:21:24 -0000 Roger T. Harvey wrote: > $IPFW pipe 1 config mask src-ip 0xffffffff buckets 512 > $IPFW pipe 2 config mask dst-ip 0xffffffff buckets 512 > $IPFW add 32001 pipe 1 src-ip 192.168.110.0/24 bridged > $IPFW add 32002 pipe 2 dst-ip 192.168.110.0/24 bridged > > Now that's all well and good, and I saw the output as well. > However, im not running bridged. or does that make a difference in this > instance? It means you should create pipe rules which match the traffic you want to count, rather than using the "bridged" keyword (which would match none of your traffic). Something like "in via fxp0" and "out via fxp0" might be right, assuming for the sake of example that you had an Intel "Fast EEPro" card which was the interface on the subnet whose traffic you want to count. > Also, is there any scripts, etc to format the pipe info into a nice readable > format (pref html) > > Doesn't need graphs, etc. Just Daily and Monthly totals would be nice. > (I am running MySQL so it can store the data) This kind of thing tends to be fairly idiosyncratic, and you'll probably have to modify or write something for your specific case...perhaps others have more useful sample scripts to contribute. -- -Chuck