dinzdale at gmail.com
Fri Mar 18 00:36:27 PST 2005
Having a little difficulty regarding traffic counting.
I have a macro ($soh) with about 30 IPs in it.. The first problem I
was having was that:
pass out on $ext_if from $soh to any keep state label "$srcaddr:: "
was not passing traffic. (nat changing source address before reaching
Someone then recommended having the following instead:
pass in on $int_if from $soh to any keep state label "$srcaddr:: "
pass out on $ext_if from any to any keep state label "total:: "
which is now letting traffic out with the pass out rule, but the pass
in rule is not counting traffic... whenever doing "pftcl -sl" I can
see the "total::" label rising as more bandwidth is used, but all the
other labels for all the private IPs remain on zero.
Could someone possibly help rectify this?
(they are also the last rules in the ruleset so the "last match wins"
More information about the freebsd-pf