* Jason Dixon <[EMAIL PROTECTED]> [2005-05-04 21:56]: > I've been working on an IP accounting project for use with PF labels. > The entire concept is based on the label macros that can be assigned to > each filter rule, using values like $dstaddr, $srcaddr, $dstport, etc. > Unfortunately, I just got slapped with a big dose of reality when I > realized that these macros are just like normal macros; that is, the > expansion only occurs at configuration file parse time, not during > runtime.
yes. keeping these counters for each remote IP we ever saw would waste a lot of kernel memory. > I don't mean to sound like a leach or ingrate, because I most certainly > am not. I'll be the first to pitch in where I can, but those who know > me well don't want me hacking on PF. On the other hand, I've been > happy to donate hardware and cash in the past and would be happy to do > it again for this feature. I've discussed the possibilities for PF > labels with Theo et al off-list in the past, so I'm hoping this might > be something the PF team would be interested in pursuing. see above, I don't think it makes sense. we should probably investigate a better integrated netflow data export or the like for accounting. -- BS Web Services, http://www.bsws.de/ OpenBSD-based Webhosting, Mail Services, Managed Servers, ... Unix is very simple, but it takes a genius to understand the simplicity. (Dennis Ritchie)
