Is there a way to zero out the packet/byte counters on pipes and queues
like you can to the rules? The command "ipfw pipe|queue zero" display a
message that accounting was cleared, but rather than clear out pipe or
queue counters it clears the rules counters only. Am I missing
something or is
On Tue, Oct 22, 2002 at 03:48:13PM -0300, Marc G. Fournier wrote:
> On Tue, 22 Oct 2002, Luigi Rizzo wrote:
...
> > Or if you are just happy to aggregate by IP, one solution i often
> > use is the following (based on dummynet's dynamic pipes):
> >
> > # do not expire pipes even if they have
On Tue, 22 Oct 2002, Luigi Rizzo wrote:
> let me understand, you basically want something that puts flow statistics
> in the bucket identified by the of the first SYN
> packet you see (the assumption being that connections are
> initiated by clients towards a well known port, which appears
> as d
let me understand, you basically want something that puts flow statistics
in the bucket identified by the of the first SYN
packet you see (the assumption being that connections are
initiated by clients towards a well known port, which appears
as dst-port in the first syn packet ?
Or if you are ju
For this kind of thing I usualy use ntop with the cflow connector to output
the flow data as regular CISCO flowd stuff. This data can then be analysed
using tools like rdd and friends.
On Tuesday 22 October 2002 10:47, Marc G. Fournier wrote:
> I've got FreeBSD setup as a firewall to our campus
I've got FreeBSD setup as a firewall to our campus network, and its doing
a great job of it, but we want to be able log statistics on traffic going
in and out ...
I have trafd running on the server, with it dumping its data to a
PostgreSQL database, but for every ~8min "segment", it is logging ~1
