[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: can you help me meashuring traffic using OpenBSD's pf?



On Wed, Mar 23, 2005 at 03:19:13AM -0800, Ian wrote:
" Hi,
" 
" I beleive you can acheive this with the use of properly labeled rules,
" and then gather information with them and produce output, here is an
" article where some perl is used to create graphs, I imagine it would
" be simple to output the data into bytes which you desire as well.
" 
" http://www.samag.com/documents/s=9053/sam0403j/0403j.htm
" 
" 
" Hope that helps.
" 
" 
" -Ian
Thank you Ian, I read this article a week ago, but it is not
useful for me :(. Of course, I can write some rules with labels
and meashure traffic. But this will be bad brandmauer (Like in
example in your URL) and I can write good brandmauer, but labels
in it can't meashure incoming and outgouing traffic.
For example:
block all
pass out on $ext_if from any to any keep state
This rule good because make safe and BIDIRECTIONAL connect. You
see, this rule can't be labeled. because if I set label at last
rule, I will mesure sum of incoming AND outgoing traffic. Not
separately.
Please, correct me if I'm wrong.
-- 
Sensory  yours, Eugene  Minkovskii
Сенсорно ваш,   Евгений Миньковский