strange behaivor ipfw2 counters
dawnshade
h-k at mail.ru
Sun Aug 1 23:56:02 PDT 2004
Hello Gregory,
Monday, August 2, 2004, 3:17:48 AM, you wrote:
GB> h-k at mail.ru said:
>>
>>
>>00001 5900 1623729 count ip from any to any in recv cp1
>>00002 130 9768 count ip from any to any out xmit cp1
>>
>>cp1 - external interface, no nat, route real IP adresses.
>>When i download via http from this router counter 2 increasing, but when
>>download from client behind this router via ftp counter 2 increasing, but
>>_very_ small.
GB> In rule 2, you are counting bytes back out to the internet. For an FTP
GB> download, this will only be the ACK packets - a very tiny amount.
GB> Perhaps you
GB> meant "out fxp1" instead?
_in_ fxp??
Next rules:
00001 3565222 1636826036 count ip from any to any in recv cp1
00002 384898 314601856 count ip from any to any out xmit cp1
00003 473872 352073912 count ip from any to any in via fxp*
00004 3584143 1645055815 count ip from any to any out via fxp*
As you see - counters similar (a little diif, cause i have some
services on fxp's). All counters launch at the same time.
>> P.S. Sorry for terrible English.
GB> Your English is far better than our Russian!
:)
I think that some bug, when code ipfw2 was MFC'ed to 4.X.
----------
Best regards,
dawnshade mailto:h-k at mail.ru
More information about the freebsd-ipfw
mailing list