[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: bidirectional counters for pf



Damien Miller wrote:
> Daniel Hartmeier wrote:
>> On Wed, Jun 18, 2003 at 07:49:52PM +1000, Damien Miller wrote:
>> 
>>> Comments?
>> 
>> I guess the additional two numbers don't bloat the state entry too much.
>> 
>> I'm not doing any accounting, so I'm not sure if this is a problem, but
>> the numbers a:b will be relative to the direction of the state (as
>> compared to absolute incoming/outgoing). So if you parse the output, you
>> have to check the direction of the state. Might be somewhat annoying if
>> you just want total numbers of incoming bytes or such.
> 
> My intention is for more detailed, per-address accounting. Much along
> the lines of what Cisco NetFlow provided. I agree that this is overkill
> if one just wants to obtain a total count.
> 
> Any problems with the diff itself?
Like: should I crank PFSYNC_VERSION? or is it defined in terms of
struct pf_state?
-d