ipfw count rules to count traffic to virtual ip's

lists lists at sleektech.nl
Tue Jul 6 06:23:59 PDT 2004 

Well :

This won't work:
ipfw add 00010 count tcp from any to any via 1.1.1.1
ipfw add 00011 count tcp from any to any in recv 1.1.1.1
ipfw add 00012 count tcp from any to any out xmit 1.1.1.1
ipfw add 00016 count tcp from any to any via 2.2.2.2
ipfw add 00017 count tcp from any to any in recv 2.2.2.2
ipfw add 00018 count tcp from any to any out xmit 2.2.2.2


This works:
ipfw add 00022 count tcp from 1.1.1.1 to any 
ipfw add 00023 count tcp from any to 1.1.1.1
ipfw add 00024 count tcp from 2.2.2.2 to any
ipfw add 00025 count tcp from any to 2.2.2.2

Is ipfw unable to count ip traffic on that way ? or is it just unlogical how i am doing it..



Steve Bertrand wrote:

>>Anyone ?
>>
>>    
>>
>>>Hello,
>>>
>>>I'm trying to setup ipfw to count traffic to each ip on the server (one
>>>interface with multiple aliased ip's)
>>>
>>>now it seems that the count rules are about the same for each ip while
>>>this isn't the truth..
>>>
>>>      
>>>
>
>Are these the exact rules, or does # ipfw show mix them up a bit?
>
>For instance:
>
># ipfw add 10000 count tcp from any to 1.1.1.1
>
>*should* count all tcp traffic destined for 1.1.1.1, and likewise,
>
># ipfw add 11000 count tcp from 1.1.1.1 to any
>
>*should* count all tcp traffic from the IP.
>
>If ipfw show is conveluting the rules a bit, you might start by sending in
>a small sample of your ruleset.
>
>Just a thought...
>
>Steve
>
>
>  
>
>>>00007 7715117 6712750640 count ip from any to any via fxp0
>>>00008 2953770  167284959 count ip from any to any in recv fxp0
>>>00009 4761341 6545462313 count ip from any to any out xmit fxp0
>>>00010 7707303 6712093431 count tcp from any to any via 1.1.1.1
>>>00011 2948103  166773748 count tcp from any to any in recv 1.1.1.1
>>>00012 4759198 6545319411 count tcp from any to any out xmit 1.1.1.1
>>>00016 7707299 6712092983 count tcp from any to any via 2.2.2.2
>>>00017 2948101  166773668 count tcp from any to any in recv 2.2.2.2
>>>00018 4759195 6545319003 count tcp from any to any out xmit 2.2.2.2
>>>00022 2842887  145092334 count tcp from any to any 80 via fxp0
>>>
>>>As you can see the traffic for ip 1.1.1.1 and ip 2.2.2.2 are about the
>>>same while ip 2.2.2.2 is actually doing nothing (all ports are blocked
>>>cause its not active yet)
>>>
>>>What is going wrong here ? how come ipfw counts the same traffic for
>>>each ip..
>>>
>>>Also rule 22 from "any to any 80"  shows only a few hundred megs traffic
>>>while 95% of all the traffic on the server is http traffic from
>>>website's so this should be atleast around the 5GB of traffic instead of
>>>a few hundred megs..
>>>
>>>Any idea's ??
>>>
>>>Thanks
>>>
>>>m.
>>>
>>>
>>>
>>>      
>>>
>>_______________________________________________
>>freebsd-questions at freebsd.org mailing list
>>http://lists.freebsd.org/mailman/listinfo/freebsd-questions
>>To unsubscribe, send any mail to
>>"freebsd-questions-unsubscribe at freebsd.org"
>>
>>    
>>
>
>
>_______________________________________________
>freebsd-questions at freebsd.org mailing list
>http://lists.freebsd.org/mailman/listinfo/freebsd-questions
>To unsubscribe, send any mail to "freebsd-questions-unsubscribe at freebsd.org"
>  
>

More information about the freebsd-questions mailing list