Date: Fri, 18 Mar 2005 13:41:07 +0200 From: stephen <dinzdale@gmail.com> To: freebsd-pf@freebsd.org Subject: Re: traffic accounting Message-ID: <ee918c7805031803413897941f@mail.gmail.com> In-Reply-To: <ee918c7805031800363fed881e@mail.gmail.com> References: <ee918c7805031800363fed881e@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Hi all, Tried sending this mail earlier, if it came through twice apologies in advance. Having a little difficulty regarding traffic counting. I have a macro ($soh) with about 30 IPs in it.. The first problem I was having was that: pass out on $ext_if from $soh to any keep state label "$srcaddr:: " was not passing traffic. (nat changing source address before reaching filtering rules) Someone then recommended having the following instead: pass in on $int_if from $soh to any keep state label "$srcaddr:: " pass out on $ext_if from any to any keep state label "total:: " which is now letting traffic out with the pass out rule, but the pass in rule is not counting traffic... whenever doing "pftcl -sl" I can see the "total::" label rising as more bandwidth is used, but all the other labels for all the private IPs remain on zero. I did get a step closer earlier this morning... Managed to count traffic from the source addresses 100%, but I couldn't account for the web traffic (which is 80% of the traffic) as I have a rdr rule that redirects all traffic for port 80 via localhost port 3128 to proxy/cache webpages. Could someone possibly help rectify this? (they are also the last rules in the ruleset so the "last match wins" is correct) Thanks Stephen
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?ee918c7805031803413897941f>