Statistics on individual table entries...

Daniel Hartmeier daniel at benzedrine.cx
Tue Nov 29 09:07:40 GMT 2005


On Tue, Nov 29, 2005 at 03:56:34AM -0500, Forrest Aldrich wrote:

> In PF, I am trying to determine how to accomplish similarly.  The command:
> 
>    pf -vvs Tables
> 
> Provides summaries only.  I don't see a way to accomplish the above.

Additional per-table counters can be printed with

  pfctl -t foo -vvTs

There's no 'last-matched timestamp', however.

Depending on what you need it for (like, purge entries that haven't been
used for a period of time), you could work around that by clearing the
packet/byte counters (representing the packets that were matched by
rules using the tables) and regularly remove those that show zero values
(unused since last invocation of that clearing script).

Daniel
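
The workaround described above, as an added example that is not part of the original post. The function names and the sample listing are constructed, and the parser assumes the per-address layout printed by pfctl -t foo -vvTs: an address line followed by a Cleared line and Packets/Bytes counter lines.

```shell
#!/bin/sh
# Added example: purge pf table entries that matched no packets since the
# counters were last cleared.

# Read `pfctl -t <table> -vvTs` output on stdin and print every address whose
# packet counters are all zero. An entry with no counter lines is never
# printed, so a listing without statistics cannot trigger deletions.
unused_entries() {
    awk '
        function emit() { if (addr != "" && seen && total == 0) print addr }
        NF == 1 { emit(); addr = $1; total = 0; seen = 0; next }
        { for (i = 1; i < NF; i++)
              if ($i == "Packets:") { total += $(i + 1); seen = 1 } }
        END { emit() }
    '
}

# Delete the unused entries, then clear the table statistics so the next run
# measures a fresh interval.
purge_unused() {
    table=$1
    pfctl -t "$table" -vvTs | unused_entries | while read -r addr; do
        pfctl -t "$table" -T delete "$addr"
    done
    pfctl -t "$table" -T zero
}

# Constructed sample listing (documentation addresses), used for offline checks.
sample_output() {
    cat <<'EOF'
   192.0.2.10
        Cleared:     Tue Nov 29 09:00:00 2005
        In/Block:    [ Packets: 14                 Bytes: 840                ]
        In/Pass:     [ Packets: 0                  Bytes: 0                  ]
        Out/Block:   [ Packets: 0                  Bytes: 0                  ]
        Out/Pass:    [ Packets: 0                  Bytes: 0                  ]
   198.51.100.7
        Cleared:     Tue Nov 29 09:00:00 2005
        In/Block:    [ Packets: 0                  Bytes: 0                  ]
        In/Pass:     [ Packets: 0                  Bytes: 0                  ]
        Out/Block:   [ Packets: 0                  Bytes: 0                  ]
        Out/Pass:    [ Packets: 0                  Bytes: 0                  ]
EOF
}
```

Running purge_unused foo from cron sets the idle period to the cron interval. An address added between runs that has not yet matched any packet is removed on the next run.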
