Network accounting
Andrew Seguin
asegu at borgtech.ca
Mon Jan 17 13:41:56 PST 2005
-----Original Message-----
From: Jon Simola [mailto:jsimola at gmail.com]
Sent: Monday, January 17, 2005 10:27 PM
To: Andrew Seguin; freebsd-net at freebsd.org
Subject: Re: Network accounting
...
>What I was doing with the same setup:
>$IPFW pipe 1 config mask src-ip 0xffffffff buckets 512
>$IPFW pipe 2 config mask dst-ip 0xffffffff buckets 512
>$IPFW add 32001 pipe 1 src-ip 192.168.110.0/24 bridged
>$IPFW add 32002 pipe 2 dst-ip 192.168.110.0/24 bridged
...
I don't understand how this system will allow me to log traffic by-ip
without addition of 256 rules?
I already have counts of my up & down traffic. Actually, I have a bypass
rule for 'normal' traffic (web/email/dns/icmp/etc), and then a pipe to
control bandwidth (mainly because of downloaders). With some scripting, the
server maintains a csv of in/out/abnormal (in+out). But I criticaly need
per-ip and highly need per-protocol (major ones at least).
--
No virus found in this outgoing message.
Checked by AVG Anti-Virus.
Version: 7.0.300 / Virus Database: 265.6.13 - Release Date: 1/16/2005
More information about the freebsd-net
mailing list