> Currently if no port is available for translation, the "memory"
> counter is increased, which is not particularly descriptive, I'd
> find it helpful to split this off to a separate counter as it
> clearly shows when the default NAT port range causes a problem.
>
> Any comments/OKs? (it's pretty straightforward, but intended for
> post 5.3).
That's a great idea!
Should this go in, please don't forget pfstat as well (haven't tested
it, though)
--
Martin Pelikan
--- parse.y.old Thu Jan 11 17:01:58 2007
+++ parse.y Sun Feb 24 22:34:06 2013
@@ -133,7 +133,7 @@
"short", "normalize", "memory", "bad-timestamp",
"congestion", "ip-option", "proto-cksum",
"state-mismatch", "state-insert", "state-limit",
- "src-limit", "synproxy", 0 };
+ "src-limit", "synproxy", "translate", NULL };
int i;
$$.type = 0;
--- pfstat.conf.example.old Sun Feb 24 22:35:54 2013
+++ pfstat.conf.example Sun Feb 24 22:37:22 2013
@@ -6,7 +6,7 @@
# collect
# global
# states entries|searches|inserts|removals [diff]
-# counters match|bad-offset|fragment|...|synproxy [diff]
+# counters match|bad-offset|fragment|...|translate [diff]
# (see pfctl -si output, same strings)
# interface name pass|block packets|bytes in|out v4|v6 [diff]
# queue name passed|dropped|other packets|bytes|number [diff]
@@ -85,6 +85,7 @@
collect 27 = global counters state-limit diff
collect 28 = global counters src-limit diff
collect 29 = global counters synproxy diff
+collect 30 = global counters translate diff
image "/var/www/htdocs/benzedrine.cx/pfstat-errors.jpg" {
from 1 days to now
