Bandwidth monitoring
Luigi Rizzo
rizzo at icir.org
Thu Jun 26 22:57:05 PDT 2003
On Thu, Jun 26, 2003 at 07:05:57PM -0400, Robert Watson wrote:
...
> > that an ISP is likely to charge for and have the tables 'reaped every
> > now and then by a daemon to give a time dimension to the data..
>
> Well, the case that this code was designed for was passive monitoring of
> many IPs over many systems (some of which have a large number of IP
> addresses, each to be separately billed). I also wanted to specifically
> disqualify local traffic between the hosts, since that wasn't part of the
> billing structure. You could certainly implement this using ipfw
> accounting, but only if you wanted to add one firewall rule for each
> matching case of interest (since we needed to separately measure), and you
just for the records, you can do counting on a per-host basis with
a single ipfw rule, using dummynet pipes:
... rules to remove undesired traffic...
ipfw add pipe 1 ip from ${my_subnet} to not ${my_subnet} in
ipfw pipe 1 config mask src-ip 0xffffffff
sysctl net.inet.ip.dummynet.expire=0
This of course requires that the traffic you are interested in
flows through the box where you are running the above ipfw config.
cheers
luigi
More information about the freebsd-net
mailing list