On 07/31/2008 10:01:51 AM, Dil Doe wrote:
The problem right now is I block everything and have multiple pass rules for -exactly- what I need. It would be incredibly tedious to add a label or counter to every pass rule I have. Is there a way to simplify this, a passive 1-liner that will match all incoming and outgoing bandwidth to my $ext_if without affecting my current rules?
No, not that I've been able to figure out. I've the same problem. What I want to pass has little to do with what I want to measure which either means that I've got to manually aggregate lots of pass rules and/or split some of the many existing pass rules into 2 or more separate rules just so I can measure what I want to measure. While this is not a defect in the pf design, IMO it is a deficiency. If would be nice if pf had another type of statement that only collected stats, to be "executed" after all filter rules. I've decided to try pmacct for my monitoring and reporting needs. There are other choices and as yet I've not gotten far enough to be a proponent of any particular choice. http://www.pmacct.net/ Karl <[EMAIL PROTECTED]> Free Software: "You don't pay back, you pay forward." -- Robert A. Heinlein
