"ipfw count" equivalent for pf

Mon Dec 20 05:49:06 PST 2004

Ah.  Good to know.  I think you need ALTQ support built into the
kernel to get it though.

Lou
On 12/19/04 04:38 PM, patrick sat at the `puter and typed:
> I didn't receive any advice relevant to solving my problem, but I did
> manage to figure it out in the end. I thought I'd share my solution in
> case anyone else wants to do the same thing:
> 
> My /etc/pf.conf has the following lines:
> 
> ext_if="rl0"
> external_addr="x.x.x.x"
> 
> pass in on $ext_if from any to $external_addr label "$dstaddr in"
> pass out on $ext_if from $external_addr to any label "$srcaddr out"
> 
> Activate the rules with "pfctl -f /etc/pf.conf", and then you can
> display the counters by doing a "pfctl -sl" which outputs something
> like:
> 
> x.x.x.x in 14363 7448 734450
> x.x.x.x out 13810 6362 683319
> 
> To zero the counters, I've just been calling "pfctl -f /etc/pf.conf"
> again, though there may be a more "proper" way.
> 
> Patrick
> 
> 
> On Thu, 16 Dec 2004 11:57:29 -0800, patrick <gibblertron at gmail.com> wrote:
> > Hi there,
> > 
> > Now that FreeBSD 5.x has pf from OpenBSD, I'm wondering if some of the
> > pf experts can help me with porting a simple ipfw configuration from
> > FreeBSD 4.x to pf in FreeBSD 5.x.
> > 
> > On our 4.x servers, we have several rules like:
> > 
> > ipfw add count ip from any to x.x.x.x
> > ipfw add count ip from x.x.x.x to any
> > 
> > ... to keep track of how much traffic is going through a particular IP
> > address. Every night, I capture the data and zero the counters.
> > 
> > Using pf, I'm having a difficult time how to establish a similar
> > ruleset so that I can gather the same sort of data. Someone on the
> > openbsd-misc list told me to "add labels to those rules you want to
> > account traffic on and use `pdfctl -sl` to read their counters." The
> > problem is that I'm not sure how to describe the rules using pf. I
> > suppose the rules should just pass all traffic to and from my external
> > interface, but from all the pf documentation I've read, I can't find
> > an example that seems to do this for me.
> > 
> > Can any experts lend a hand here? It seems like this should be
> > dead-easy to do, but like many things from the OpenBSD world, it does
> > not seem to straight-forward to me.
> > 
> > Thanks,
> > 
> > Patrick
> >
> _______________________________________________
> freebsd-questions at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to "freebsd-questions-unsubscribe at freebsd.org"
> 

-- 
Louis LeBlanc               FreeBSD at keyslapper.org
Fully Funded Hobbyist, KeySlapper Extrordinaire :)
http://www.keyslapper.org                     Ô¿Ô¬

First study the enemy.  Seek weakness.
    -- Romulan Commander, "Balance of Terror", stardate 1709.2