Date: Sun, 18 Dec 2005 22:46:08 +0100 From: Frank Steinborn <frank@ircnow.org> To: freebsd-questions@freebsd.org Subject: Re: Compacting the "pf -v -s rules" output similar to "ipfstat -ionh" Message-ID: <20051218214608.GA92198@scott.blazing.de> In-Reply-To: <20051218213501.GA72282@holestein.holy.cow> References: <20051218213501.GA72282@holestein.holy.cow>
next in thread | previous in thread | raw e-mail | index | archive | help
--oyUTqETQ0mS9luUI Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Parv wrote: > I am currently trying pf instead of ipf; rules were brought over > easily besides the user errors. I am still in the process of to be at > ease w/ pf logging & statistics. >=20 > Before i write it myself, has anybody got a already prepared way to > compact the "pfctl -v -s rules" output ... >=20 > pass in on lo0 all > [ Evaluations: 22188 Packets: 10925 Bytes: 8392463 States= : 0 ] > pass out on lo0 all > [ Evaluations: 21850 Packets: 10925 Bytes: 8392463 States= : 0 ] > block drop in on em0 all > [ Evaluations: 22188 Packets: 6 Bytes: 360 States= : 0 ] > block drop in quick on em0 inet proto tcp from 192.168.2.0/24 to any po= rt 137:139 > [ Evaluations: 19 Packets: 0 Bytes: 0 States= : 0 ] >=20 >=20 > ... to something like ... >=20 > 22188 pass in on lo0 all > 21850 pass out on lo0 all > 22188 block drop in on em0 all > 19 block drop in quick on em0 inet proto tcp from 192.168.2.0/24 to any= port 137:139 Don't use -v, just pfctl -s rules. That, however, won't give you a number of packets/bytes passed to the rules. Frank --oyUTqETQ0mS9luUI Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2 (FreeBSD) iD8DBQFDpdigK0akcUHxdB0RAnRWAKCUk0X6RCVw+8mO0NQJWy+L/7IEqACghDxY ZrkO6/9QUSTPS6wFH/J2HlM= =lKKr -----END PGP SIGNATURE----- --oyUTqETQ0mS9luUI--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20051218214608.GA92198>