[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: can you help me meashuring traffic using OpenBSD's pf?



..an example of what you are talking about from my system I just restarted,
I am not clear how to zero these stats -
pfctl -z doesn't seem to do it (only two ifs) :

# pfctl -vvs Interfaces
.. many other interfaces snipped...
dc0     (instance, attached)
        Cleared:     Wed Mar 23 03:02:28 2005
        References:  [ States:  0                  Rules: 80                 ]
        In4/Pass:    [ Packets: 6651059            Bytes: 7939874529         ]
        In4/Block:   [ Packets: 150                Bytes: 9494               ]
        Out4/Pass:   [ Packets: 5273669            Bytes: 1091643115         ]
        Out4/Block:  [ Packets: 916                Bytes: 71051              ]
        In6/Pass:    [ Packets: 0                  Bytes: 0                  ]
        In6/Block:   [ Packets: 0                  Bytes: 0                  ]
        Out6/Pass:   [ Packets: 0                  Bytes: 0                  ]
        Out6/Block:  [ Packets: 0                  Bytes: 0                  ]
dc1     (instance, attached)
        Cleared:     Wed Mar 23 03:02:28 2005
        References:  [ States:  0                  Rules: 44                 ]
        In4/Pass:    [ Packets: 5402136            Bytes: 1181987103         ]
        In4/Block:   [ Packets: 320                Bytes: 24200              ]
        Out4/Pass:   [ Packets: 6379997            Bytes: 7609498012         ]
        Out4/Block:  [ Packets: 52                 Bytes: 2753               ]
        In6/Pass:    [ Packets: 0                  Bytes: 0                  ]
        In6/Block:   [ Packets: 0                  Bytes: 0                  ]
        Out6/Pass:   [ Packets: 0                  Bytes: 0                  ]
        Out6/Block:  [ Packets: 0                  Bytes: 0                  ]
..many other interfaces snipped...

There is also an snmp interface that may fit with some
of the company's existing net monitoring/stat tools:
http://www.packetmischief.ca/openbsd/snmp/

Rob


Oliver Neubauer wrote:
Maybe I'm missing something about your requirements, but why not just us MRTG?

It will measure input/output on as many interfaces as you want.

Since all it *really* does is graph data, it can also be used to
measure virtually anything.
It is relatively easy to create scripts that gather data about the
state of pf (via calls to pfctl -si etc) and feed it into MRTG. No
need to use loginterface or pfstat.

There is a ton of documentation out there for MRTG, but start here:
http://mrtg.hdl.com/mrtg.html

cheers