On Mon, Jun 3, 2013 at 5:40 PM, Michael Sierchio <ku...@tenebras.com> wrote:
> On Mon, Jun 3, 2013 at 4:43 AM, Andreas Nilsson <andrn...@gmail.com> > wrote: > > Hello, > > > > Still trying out the tablearg functionality of ipfw and found the > following: > > > > 1) > > # ipfw table 100 add 192.168.0.0/24 10.0.0.1 > > # ipfw table 100 list > > 192.168.0.0/24 167772161 > > > > I guess it is correct, but not user friendly. Can't the tablearg part be > > printed as normal dotted decimal? > > No - it's an integer. The semantics of the table arg are up to you, > but it could be a rule number, used in a computed go to, as in > > ipfw add 05000 skipto tablearg ip from any to me in recv em1 lookup src-ip > 23 > I use it to classify traffic based on country of origin. > Interesting. So given that table 23 has 1.2.3.4/24 6000 the rule would would be skipto 6000 ip from any to me in recv em1 src-ip 1.2.3.4/24 ? > > > Another question: While using tablearg, is there a way to get statistics > of > > each "individual" computed value instead of just the aggregate > statistics > > for all rules "generated" by the tablearg rule? > > you can log where the target rule is executed, or have a count rule. > > - M > Great, I'll look into that. Best regards Andreas _______________________________________________ freebsd-net@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-net To unsubscribe, send any mail to "freebsd-net-unsubscr...@freebsd.org"
