On Saturday 14 October 2006 09:14, Dan b wrote: > I searched the archives for this and was unable to > find anything relevant. I have a machine that is > being used as a NAT Router with IPFW and IPNAT running > 5.3-RELEASE. I'm only using IPFW to keep track of > traffic, no actual packet filtering is going on.
I recommend that you use pf for that. A simple pfctl -e with no ruleset will get you 64bit packet and byte counters for all interfaces using pfctl -vvsI or for a specific interface with: > 7:14 [~]amd64# pfctl -vvsI -i fxp0 > fxp0 (instance, attached) > Cleared: Fri Sep 29 23:24:37 2006 > References: [ States: 0 Rules: 15 ] > In4/Pass: [ Packets: 46986037 Bytes: 28315507365 ] > In4/Block: [ Packets: 0 Bytes: 0 ] > Out4/Pass: [ Packets: 43460700 Bytes: 40071770000 ] > Out4/Block: [ Packets: 0 Bytes: 0 ] > In6/Pass: [ Packets: 9982 Bytes: 3320321 ] > In6/Block: [ Packets: 0 Bytes: 0 ] > Out6/Pass: [ Packets: 5259 Bytes: 418780 ] > Out6/Block: [ Packets: 3 Bytes: 192 ] > The problem is that the statistics reported by netstat > seem to reset themselves intermittently. Last night I > ran netstat -ib and got an Ibytes stat of around 2.1GB > on my sis0 adapter. Today I ran netstat -ib and got > an Ibytes stat of around 600MB on my sis0 adapter. > The system has around 29 days of uptime, and I have > run ipfw zero a few times, but have not run netstat -z > at all. Let me know if you have any ideas about this. This is because the numbers reported by netstat are based on (signed) 32bit counters. Either you sample these numbers at a high enough rate or you use other 64bit counters (see above). -- /"\ Best regards, | [EMAIL PROTECTED] \ / Max Laier | ICQ #67774661 X http://pf4freebsd.love2party.net/ | [EMAIL PROTECTED] / \ ASCII Ribbon Campaign | Against HTML Mail and News
pgpqfAOdcPmWa.pgp
Description: PGP signature
