* sfp <[EMAIL PROTECTED]> [2006-07-06 08:22]: > Using bgpd to apply labels to prefixes using rtlabel. Given the pf.conf > statement: > > pass in on $int_if02 from route "test" to any keep state > > How can I see the (rt)labelled prefixes that are actually being acted upon > using pfctl?
you cannot. > When the same statement is (pf)labelled, pfctl fails to expand > the prefixes as well. I cannot parse that sentence ;( > > Eg > > pass in on $int_if02 from route "test" to any keep state label > "V115PERMIT:$proto:$srcaddr:$dstaddr:$dstport" > > [EMAIL PROTECTED] ~]# pfctl -sl > V115PERMIT:ip:?:any: 2 37 6334 21 2781 16 3553 > > I would prefer not to use a table in pf as prefixes are not removed when > they are withdrawn by bgpd. so you want to label teh routes, and be able to see the route label in the pf label for accounting purposes? > Outside of pf, the man pages for route(8) & netstat(1) do not indicate flags > for displaying the kernel routing table based on the label alone. I may > have missed it. In the absence of route show synxtax, is there a valid > wildcard for 'route get'? no. you can't get a list of prefixes by label right now. -- Henning Brauer, [EMAIL PROTECTED], [EMAIL PROTECTED] BS Web Services, http://bsws.de OpenBSD-based Webhosting, Mail Services, Managed Servers, ...
