strange behaivor ipfw2 counters
Gregory Bond
gnb at itga.com.au
Sun Aug 1 16:17:52 PDT 2004
h-k at mail.ru said:
>
>
>00001 5900 1623729 count ip from any to any in recv cp1
>00002 130 9768 count ip from any to any out xmit cp1
>
>cp1 - external interface, no nat, route real IP adresses.
>When i download via http from this router counter 2 increasing, but when
>download from client behind this router via ftp counter 2 increasing, but
>_very_ small.
In rule 2, you are counting bytes back out to the internet. For an FTP
download, this will only be the ACK packets - a very tiny amount. Perhaps you
meant "out fxp1" instead?
> P.S. Sorry for terrible English.
Your English is far better than our Russian!
More information about the freebsd-ipfw
mailing list