From: Louis LeBlanc
To: freebsd-questions@freebsd.org
Date: Mon, 20 Dec 2004 08:48:48 -0500
Message-ID: <20041220134847.GA88455@keyslapper.org>
Subject: Re: "ipfw count" equivalent for pf

Ah. Good to know. I think you need ALTQ support built into the kernel
to get it though.

Lou

On 12/19/04 04:38 PM, patrick sat at the `puter and typed:
> I didn't receive any advice relevant to solving my problem, but I did
> manage to figure it out in the end. I thought I'd share my solution in
> case anyone else wants to do the same thing:
>
> My /etc/pf.conf has the following lines:
>
> ext_if="rl0"
> external_addr="x.x.x.x"
>
> pass in on $ext_if from any to $external_addr label "$dstaddr in"
> pass out on $ext_if from $external_addr to any label "$srcaddr out"
>
> Activate the rules with "pfctl -f /etc/pf.conf", and then you can
> display the counters by doing a "pfctl -sl" which outputs something
> like:
>
> x.x.x.x in 14363 7448 734450
> x.x.x.x out 13810 6362 683319
>
> To zero the counters, I've just been calling "pfctl -f /etc/pf.conf"
> again, though there may be a more "proper" way.
>
> Patrick
>
>
> On Thu, 16 Dec 2004 11:57:29 -0800, patrick wrote:
> > Hi there,
> >
> > Now that FreeBSD 5.x has pf from OpenBSD, I'm wondering if some of the
> > pf experts can help me with porting a simple ipfw configuration from
> > FreeBSD 4.x to pf in FreeBSD 5.x.
> >
> > On our 4.x servers, we have several rules like:
> >
> > ipfw add count ip from any to x.x.x.x
> > ipfw add count ip from x.x.x.x to any
> >
> > ... to keep track of how much traffic is going through a particular IP
> > address. Every night, I capture the data and zero the counters.
> >
> > Using pf, I'm having a difficult time figuring out how to establish a
> > similar ruleset so that I can gather the same sort of data. Someone on
> > the openbsd-misc list told me to "add labels to those rules you want to
> > account traffic on and use `pfctl -sl` to read their counters." The
> > problem is that I'm not sure how to describe the rules using pf. I
> > suppose the rules should just pass all traffic to and from my external
> > interface, but from all the pf documentation I've read, I can't find
> > an example that seems to do this for me.
> >
> > Can any experts lend a hand here? It seems like this should be
> > dead-easy to do, but like many things from the OpenBSD world, it does
> > not seem too straightforward to me.
> >
> > Thanks,
> >
> > Patrick

-- 
Louis LeBlanc FreeBSD@keyslapper.org
Fully Funded Hobbyist, KeySlapper Extrordinaire :)
http://www.keyslapper.org

First study the enemy. Seek weakness.
-- Romulan Commander, "Balance of Terror", stardate 1709.2
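
Added example, not part of the original thread: a shell sketch of the nightly capture-and-zero job described in the quoted messages, built on the labelled rules and the `pfctl -sl` output shown there. It assumes the three counters are evaluations, packets and bytes in that order; the function names, log path and sample addresses are hypothetical, and `pfctl -z` (clear per-rule statistics) is used to zero the counters without reloading the ruleset.

```shell
#!/bin/sh
# Added example: summarize `pfctl -sl` label counters per address.
# Assumed column layout (matches the 3-counter output quoted above):
#   <label words...> <evaluations> <packets> <bytes>
# with labels of the form "<address> in" / "<address> out".

pf_label_report() {   # reads `pfctl -sl` output on stdin
    awk '
    NF >= 5 {
        # Labels contain a space, so locate the counters from the right.
        bytes = $NF; pkts = $(NF-1); dir = $(NF-3); addr = $1
        if (dir != "in" && dir != "out") next           # not an accounting label
        if (pkts !~ /^[0-9]+$/ || bytes !~ /^[0-9]+$/) next
        if (!(addr in seen)) { seen[addr] = 1; order[++n] = addr }
        p[addr, dir] += pkts; b[addr, dir] += bytes
    }
    END {
        for (i = 1; i <= n; i++) {
            a = order[i]
            # %.0f instead of %d: byte counters can exceed 32 bits.
            printf "%s in_pkts=%.0f in_bytes=%.0f out_pkts=%.0f out_bytes=%.0f\n",
                a, p[a, "in"], b[a, "in"], p[a, "out"], b[a, "out"]
        }
    }'
}

# Nightly job (defined, not called here; needs root and a loaded ruleset).
# pfctl -z clears per-rule statistics without reloading pf.conf. Packets
# counted between the read and the clear are not recorded.
pf_nightly() {
    log=${1:-/var/log/pf-accounting.log}    # hypothetical log path
    { date '+%Y-%m-%d'; pfctl -sl | pf_label_report; } >> "$log" && pfctl -z
}

# Constructed sample in the format quoted above (documentation addresses).
sample='192.0.2.10 in 14363 7448 734450
192.0.2.10 out 13810 6362 683319
192.0.2.20 in 900 512 5368709120'
printf '%s\n' "$sample" | pf_label_report
```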