[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

IPF questions

To: "Misc@OpenBSD" <misc@openbsd.org>
Subject: IPF questions
From: "Nickolay Kuzmin" <nick@nlb.siberia.net>
Date: Fri, 2 Feb 2001 09:33:13 +0600
Importance: Normal

Hello, I hope it belongs here.

I have two questions regarding IPF setup on OpenBSD (2.7 -> 2.8)
I have read the man page to no avail.

First, I cannot seem to be able to put "count" rules inside
groups:

count out on xl0 from any to 200.1.1.1/32
pass out on xl0 from any to 200.1.1.1/32

works, but

block out on xl0 all head 100
count out from any to 200.1.1.1/32 group 100
pass out from any to 200.1.1.1/32 group 100

doesn't! It complains that 'no such process'
and "count" rule is not inserted. "pass" rule works in
both cases.

Second, it is quite tedious to add "count" on per IP basis
is there any shortcut to add a mass count rule? (e.g. to collect
a per IP statistics for a /24)

OpenBSD is a 2.8 upped via CVS from 2.7
problem was present in 2.7 too.
IPF ver 3.3.18

Nickolay

Prev by Date: FreeBSD-SA-01:19.local
Next by Date: OpenBSD-2.8, UDMA66 unsupported
Prev by thread: ipf questions
Next by thread: newbie ports question
Index(es):
- Date
- Thread