Date: Tue, 26 Nov 2024 13:53:15 +0000 From: bugzilla-noreply@freebsd.org To: bugs@FreeBSD.org Subject: [Bug 282984] [PATCH] pfctl: add -T `makezero` to touch pfras_tzero _only_ for non-zero entries Message-ID: <bug-282984-227-rXAs0z6A86@https.bugs.freebsd.org/bugzilla/> In-Reply-To: <bug-282984-227@https.bugs.freebsd.org/bugzilla/> References: <bug-282984-227@https.bugs.freebsd.org/bugzilla/>
next in thread | previous in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D282984 Rob LA LAU <freebsd@ohreally.nl> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |freebsd@ohreally.nl --- Comment #3 from Rob LA LAU <freebsd@ohreally.nl> --- Since I said in #282877 that I had some thoughts about this, I will share my grain of salt. But you guys should obviously feel free to do with it what y= ou want. Honestly, I fail to see a use case here. As far as I can see, you have all the information and functionality to do w= hat you want to do: `pfctl -t table -vT show' gives you the counter stats, and `pfctl -t table -T zero $ip' gives you the possibility to reset statistics = for an IP address. It would be very simple to write a script to do this, which = you can call from cron, followed by `pfctl -t table -T expire 12345' as you intended. Since you're not trying to do anything real-time, I don't see why you could= n't use the existing functionality. I would see the use for something real-time, but that should be in the kern= el, and not in pfctl. If I could mark a table (or a rule, or the 'overload' feature) to reset statistics for IP addresses that hit the rule when they are in the table already, I would happily make use of that. But if it's going to be a cronjob anyway, then I think you have everything = you need. But I may be missing something. Anyway, it's not my decision to make, so I'll let you guys to it. Have a nice day, Rob --=20 You are receiving this mail because: You are the assignee for the bug.=
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-282984-227-rXAs0z6A86>