Date: Thu, 19 Jan 2006 10:22:26 +0100 From: Erik Norgaard <norgaard@locolomo.org> To: Peter <petermatulis@yahoo.ca> Cc: freebsd-questions <freebsd-questions@freebsd.org> Subject: Re: How to tell if IPF is running? Message-ID: <43CF5A52.2020100@locolomo.org> In-Reply-To: <20060119001447.31041.qmail@web60014.mail.yahoo.com> References: <20060119001447.31041.qmail@web60014.mail.yahoo.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Peter wrote: > --- Erik Norgaard <norgaard@locolomo.org> wrote: > >> Gable Barber wrote: >>> On 1/18/06, Peter <petermatulis@yahoo.ca> wrote: >>>> Switch over to pf. >>>> >>> Why do you suggest PF over IPF? >>> >>> Hope I am not starting a war here.. but I am genuinely interested in >> the >>> opinions. >> I used IPF on FBSD until there was some bug in IPF for 5.x some version >> that forced me to switch after an upgrade. The bug has been fixed since >> but I have found no reason to go back. >> >> There are two things I miss from IPF: >> >> a) proper accounting: You can't count traffic correctly with stateful >> filtering on pf, pf will count when a rule is matched but once a state >> is established packets for that state are not matched and hence not >> counted. > > That's not true. Hi Peter, it would be quite useful if you would contribute with knowledge instead of empty claims. And if you don't care to explain in verbose mode, at least provide a link to where the knowledge is found. If I am wrong, I'd like to learn the solution. I need host based counting that distinguish up- and download. AFAIK this means I can't use tables and hence I have to reload the entire ruleset to add or remove a host. This is quite annoying compared to IPF where I can load or delete a single rule from the active ruleset - and thanks to groups, I can make sure a rule get inserted the right place. And, I still don't know the easy solution to get the numbers out. Of course there is a point in PF, namely that there is just one ruleset whereas in IPF filtering and accounting rules are separate. Cheers, Erik
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?43CF5A52.2020100>