From owner-freebsd-pf@FreeBSD.ORG Fri Mar 18 11:41:08 2005 Return-Path: Delivered-To: freebsd-pf@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 3345D16A4CE for ; Fri, 18 Mar 2005 11:41:08 +0000 (GMT) Received: from rproxy.gmail.com (rproxy.gmail.com [64.233.170.192]) by mx1.FreeBSD.org (Postfix) with ESMTP id A78D943D2F for ; Fri, 18 Mar 2005 11:41:07 +0000 (GMT) (envelope-from dinzdale@gmail.com) Received: by rproxy.gmail.com with SMTP id a36so117127rnf for ; Fri, 18 Mar 2005 03:41:07 -0800 (PST) DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com; h=received:message-id:date:from:reply-to:to:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:references; b=VJ/h79GZcstIq6ge1XA1uruSPTIIViuc8EV8OFrzf36SmEuZfFl//yK0CoRVhIQTBRTF0Glp2qcadjdsYieTh/jBtNCdmqQfSpQfLgHhtlvypPzLLc0A20wXLFsTte+lCHOdHvRwhflYR4v9Dhyw40tSV2nA7f/TmXwG8jbd8Z4= Received: by 10.38.66.45 with SMTP id o45mr2677004rna; Fri, 18 Mar 2005 03:41:07 -0800 (PST) Received: by 10.38.11.55 with HTTP; Fri, 18 Mar 2005 03:41:07 -0800 (PST) Message-ID: Date: Fri, 18 Mar 2005 13:41:07 +0200 From: stephen To: freebsd-pf@freebsd.org In-Reply-To: Mime-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit References: Subject: Re: traffic accounting X-BeenThere: freebsd-pf@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list Reply-To: stephen List-Id: Technical discussion and general questions about packet filter (pf) List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 18 Mar 2005 11:41:08 -0000 Hi all, Tried sending this mail earlier, if it came through twice apologies in advance. Having a little difficulty regarding traffic counting. I have a macro ($soh) with about 30 IPs in it.. The first problem I was having was that: pass out on $ext_if from $soh to any keep state label "$srcaddr:: " was not passing traffic. (nat changing source address before reaching filtering rules) Someone then recommended having the following instead: pass in on $int_if from $soh to any keep state label "$srcaddr:: " pass out on $ext_if from any to any keep state label "total:: " which is now letting traffic out with the pass out rule, but the pass in rule is not counting traffic... whenever doing "pftcl -sl" I can see the "total::" label rising as more bandwidth is used, but all the other labels for all the private IPs remain on zero. I did get a step closer earlier this morning... Managed to count traffic from the source addresses 100%, but I couldn't account for the web traffic (which is 80% of the traffic) as I have a rdr rule that redirects all traffic for port 80 via localhost port 3128 to proxy/cache webpages. Could someone possibly help rectify this? (they are also the last rules in the ruleset so the "last match wins" is correct) Thanks Stephen