Re: altq for vlans?
From: Jeremie Le Hen (jeremie_at_le-hen.org)
Date: 02/14/05
- Previous message: Ruslan Ermilov: "Re: xl(4) & polling"
- In reply to: David Gilbert: "Re: altq for vlans?"
- Next in thread: Max Laier: "Re: altq for vlans?"
- Reply: Max Laier: "Re: altq for vlans?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Date: Mon, 14 Feb 2005 10:43:53 +0100 To: David Gilbert <dgilbert@dclg.ca>
> Anyways, the _real_ problem is that traditionally, I'd used firewall
> rules for accounting as well as security. To that end, labels are
> very cool. However, they have one rather large defect:
>
> If you're dealing with keep state rules, there seems to be no obvious
> way to account for incoming vs. outgoing traffic. The label only
> reports total traffic for the state matching the rule... which is both
> in and out.
This is a workaround, but I found that ipfw's count rules are pretty
useful for this purpose. This would however add processing overhead
for each packet especially using gigabit Ethernet.
Regards,
-- Jeremie Le Hen jeremie at le-hen dot org _______________________________________________ freebsd-net@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-net To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org"
- Previous message: Ruslan Ermilov: "Re: xl(4) & polling"
- In reply to: David Gilbert: "Re: altq for vlans?"
- Next in thread: Max Laier: "Re: altq for vlans?"
- Reply: Max Laier: "Re: altq for vlans?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
