[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: can you help me meashuring traffic using OpenBSD's pf?



On Tue, Mar 22, 2005 at 04:49:37PM -0500, David Chubb wrote:
" pfstat can do that pretty well.
" 
" http://www.benzedrine.cx/pfstat.html
" 
" You can also view my companies pfstat implementation:
" 
" http://black.dev.virpack.com/pfstat/
" 
" Enjoy.
" 
Thank you David.
I was trying this port. I see it use "set loginterface" feature.
Unfortunely this command can set only one interface.
So, I have 3 intarfaces:
0 -> internet
1 -> first department
2 -> second department
To measure incoming and outgouing traffic in first and second
departments separately, I can't use this port. Perhaps I need to
do following:
1) set loginterface 0 and write good brandmauer on this
interface,
2) set rules like:
pass out on [1] all label first_out
pass in  on [1] all label first_in
pass out on [2] all label second_out
pass in  on [2] all label second_in
and measure traffic by labels. With this information I perhaps
can calculate incoming and outgouing traffic of first and second
department, and calculate traffic of gateway (because gateway
mashine of course can work with internet too) using this data and
total traffic. (Total traffic we meashure when set loginterface
feature).
What do you think about?
-- 
Sensory  yours, Eugene  Minkovskii
Сенсорно ваш,   Евгений Миньковский