From owner-freebsd-questions@FreeBSD.ORG Tue Jul 6 11:23:20 2004 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 842FF16A4CE for ; Tue, 6 Jul 2004 11:23:20 +0000 (GMT) Received: from sleek.sleektech.nl (sleek.sleektech.nl [62.212.87.31]) by mx1.FreeBSD.org (Postfix) with ESMTP id 903C043D49 for ; Tue, 6 Jul 2004 11:23:19 +0000 (GMT) (envelope-from lists@sleektech.nl) Received: (qmail 99108 invoked from network); 6 Jul 2004 11:20:00 -0000 Received: from unknown (HELO ?127.0.0.1?) (193.173.42.52) by sleek.sleektech.nl with SMTP; 6 Jul 2004 11:20:00 -0000 Message-ID: <40EA8BA5.80900@sleektech.nl> Date: Tue, 06 Jul 2004 13:23:17 +0200 From: lists User-Agent: Mozilla Thunderbird 0.7.1 (Windows/20040626) X-Accept-Language: en-us, en MIME-Version: 1.0 To: questions@freebsd.org References: <1089058362.3279.7.camel@localhost.localdomain> In-Reply-To: <1089058362.3279.7.camel@localhost.localdomain> Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Subject: Re: ipfw count rules to count traffic to virtual ip's X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 06 Jul 2004 11:23:20 -0000 Anyone ? >Hello, > >I'm trying to setup ipfw to count traffic to each ip on the server (one >interface with multiple aliased ip's) > >now it seems that the count rules are about the same for each ip while >this isn't the truth.. > >00007 7715117 6712750640 count ip from any to any via fxp0 >00008 2953770 167284959 count ip from any to any in recv fxp0 >00009 4761341 6545462313 count ip from any to any out xmit fxp0 >00010 7707303 6712093431 count tcp from any to any via 1.1.1.1 >00011 2948103 166773748 count tcp from any to any in recv 1.1.1.1 >00012 4759198 6545319411 count tcp from any to any out xmit 1.1.1.1 >00016 7707299 6712092983 count tcp from any to any via 2.2.2.2 >00017 2948101 166773668 count tcp from any to any in recv 2.2.2.2 >00018 4759195 6545319003 count tcp from any to any out xmit 2.2.2.2 >00022 2842887 145092334 count tcp from any to any 80 via fxp0 > >As you can see the traffic for ip 1.1.1.1 and ip 2.2.2.2 are about the >same while ip 2.2.2.2 is actually doing nothing (all ports are blocked >cause its not active yet) > >What is going wrong here ? how come ipfw counts the same traffic for >each ip.. > >Also rule 22 from "any to any 80" shows only a few hundred megs traffic >while 95% of all the traffic on the server is http traffic from >website's so this should be atleast around the 5GB of traffic instead of >a few hundred megs.. > >Any idea's ?? > >Thanks > >m. > > >