From owner-freebsd-ipfw Mon Jan 29 15:47:18 2001 Delivered-To: freebsd-ipfw@freebsd.org Received: from hera.drwilco.net (10dyn120.dh.casema.net [212.64.31.120]) by hub.freebsd.org (Postfix) with ESMTP id 745A437B69D; Mon, 29 Jan 2001 15:46:58 -0800 (PST) Received: from ceres.drwilco.nl (ceres.drwilco.net [10.1.1.19]) by hera.drwilco.net (8.11.1/8.11.1) with ESMTP id f0U092b05863; Tue, 30 Jan 2001 01:09:04 +0100 (CET) (envelope-from drwilco@drwilco.nl) Message-Id: <4.3.2.7.0.20010130000929.00c80a20@mail.bsdchicks.com> X-Sender: lists@mail.bsdchicks.com X-Mailer: QUALCOMM Windows Eudora Version 4.3.2 Date: Tue, 30 Jan 2001 00:15:34 +0100 To: Erwan Arzur , Roman Le Houelleur From: "Rogier R. Mulhuijzen" Subject: Re: bandwidth analyser Cc: freebsd-ipfw , freebsd-net In-Reply-To: <3A755C23.AE8D79E1@netvalue.com> References: <3A6C7FD0.7E2ABD65@IPricot.com> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii"; format=flowed Sender: owner-freebsd-ipfw@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG > > Moreover, concerning the bridge, I was wondering if > > there is a way not to put a third interface in promiscous > > mode. As this third nic exists only for management purposes > > I don't want it to participate to the bridge in any way. Use the ng_bridge node if you want to have precise control over which interfaces are being bridged. There's one downside though. You can get statistics from the bridge node on packets and octects passed through the different parts of the bridge setyup, but it's not IP based. Also using that bridging code there's no bandwidth throttling or IPFW rule matching yet. Vitaly Belekhov wrote BW throttling and ipfw netgraph nodes for 3.X, and I will be porting those to 5.X-CURRENT over the next few weeks. Using those you could get statistics really quickly by using libnetgraph and querying the nodes yourself with some C code instead of shell/perl scripting. DocWilco To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-ipfw" in the body of the message