[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: one more pfstat question



On Mon, Dec 06, 2004 at 03:36:02PM +0100, Tobias Walkowiak wrote:
> what do the states_* attributes in pfstat.conf measure? i've looked it up
> but couldnt find any hint about them.
They correspond to the values shown by pfctl -si
  State Table                          Total             Rate
    current entries                      313               
    searches                       161977517          547.0/s
    inserts                           794528            2.7/s
    removals                          794215            2.7/s
  states_entries  == 313
  states_searches == 161977517
  states_inserts  == 794528
  states_removals == 794215
State entries are created by 'pass keep state' rules, see pf.conf(5)
about stateful filtering. Each packet filtered causes a state table
lookup first, then (if no matching entry is found) a ruleset evaluation.
'insert' and 'removals' count how many state entries have been inserted
and removed so far (the difference should equal the number of current
entries).
Daniel