Date: Thu, 16 Dec 2004 11:57:29 -0800 From: patrick <gibblertron@gmail.com> To: freebsd-questions@freebsd.org Subject: "ipfw count" equivalent for pf Message-ID: <b043a48504121611577801f1ef@mail.gmail.com>
next in thread | raw e-mail | index | archive | help
Hi there, Now that FreeBSD 5.x has pf from OpenBSD, I'm wondering if some of the pf experts can help me with porting a simple ipfw configuration from FreeBSD 4.x to pf in FreeBSD 5.x. On our 4.x servers, we have several rules like: ipfw add count ip from any to x.x.x.x ipfw add count ip from x.x.x.x to any ... to keep track of how much traffic is going through a particular IP address. Every night, I capture the data and zero the counters. Using pf, I'm having a difficult time how to establish a similar ruleset so that I can gather the same sort of data. Someone on the openbsd-misc list told me to "add labels to those rules you want to account traffic on and use `pdfctl -sl` to read their counters." The problem is that I'm not sure how to describe the rules using pf. I suppose the rules should just pass all traffic to and from my external interface, but from all the pf documentation I've read, I can't find an example that seems to do this for me. Can any experts lend a hand here? It seems like this should be dead-easy to do, but like many things from the OpenBSD world, it does not seem to straight-forward to me. Thanks, Patrick
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?b043a48504121611577801f1ef>