On Wed, Aug 20, 2008 at 10:07 PM, Erik Danielsson <[EMAIL PROTECTED]> wrote:
> One question remains though. To count the total traffic from a certain IP
> range, should a separate PF rule with a label be used? If so, how can I
> reset only the labels statistics whenever I want to?
PF already maintains counters for each entry in a table, add -v when
showing a table to see
them. So explaining in pseudo format, I'd try something like
table <over10gb> persist;
table <myiprange> persist { 10.0.0.1, 10.0.0.2, ... }
pass in all
pass out from <myiprange> to any
pass out from <over10gb> to any queue overlimit
You need a cronjob at midnight to flush the over10gb table, and zero
the counters for myiprange.
A second cronjob would do "pfctl -t myiprange -vT show", add up the
numbers, and spit out any
IPs that are over into "pfctl -t over10gb -T add $SOMEIPS"
Hopefully that's enough to get you started, or at least an idea of
some way to approach it.
--
Jon
_______________________________________________
freebsd-pf@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-pf
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
