[Q] firewall machine nmbclusters,nkmempages

2003-01-28 Thread Jung
 152   770   69 1 0 1 1 0   inf0

In use 12231K, total allocated 17660K; utilization 69.3%

$ netstat -m
35581 mbufs in use:
577 mbufs allocated to data
35002 mbufs allocated to packet headers
2 mbufs allocated to socket names and addresses
576/1222 mapped pages in use
11348 Kbytes allocated to network (88% in use)
0 requests for memory denied
0 requests for memory delayed
0 calls to protocol drain routines

thanks
-Jung





[Tip] PF/bridge connection kill

2002-11-29 Thread Jung
Hi all,

pfctl -k only kills a state. It doesn't kill the connection.

So yesterday I tested tcpkill from dsniff on my test PF/bridge firewall.

TCP connection kill is useful on PF.


examples on PF/bridge)
pfctl -ss | grep xxx.xxx.xxx.xxx
  (search client ip in state table)

tcpkill -i fxp1 src host xxx.xxx.xxx.xxx and dst host xxx.xxx.xxx.xxx
                         (server ip)                  (client ip)


dsniff patch for PF/bridge)
--- pcaputil.c.orig Sat Nov 30 01:44:27 2002
+++ pcaputil.c  Sat Nov 30 01:48:29 2002
@@ -73,7 +73,9 @@
}
if (pcap_lookupnet(intf, &net, &mask, ebuf) == -1) {
warnx("%s", ebuf);
-   return (NULL);
+   /* required for IP less machine */
+   net = 0;
+   mask = 0;
}
if (pcap_compile(pd, &fcode, filter, 1, mask) < 0) {
pcap_perror(pd, "pcap_compile");
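
Review bot: the fall-through added in the `pcap_lookupnet()` error branch applies to every failure of that call, not only to an interface without an IP address, and the comment "required for IP less machine" does not say so. Consider expanding the comment to state that `net` and `mask` are zeroed so that `pcap_compile()` can still run on an address-less bridge interface, and that the `warnx("%s", ebuf)` above is kept on purpose, so an operator who sees the warning knows the filter was compiled with `mask = 0`. In the visible lines only `mask` is used afterwards (it is passed to `pcap_compile()`), so it is worth checking whether the `net = 0;` assignment is needed at all or is there only to avoid leaving `net` uninitialised.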