Re: pfsync and byte/packet counters

Previous message: [thread] [date] [author]
Next message: [thread] [date] [author]

From: Ryan McBride

Subject: Re: pfsync and byte/packet counters

Date: Tuesday, February 17, 2009 - 9:25 pm

On Tue, Feb 17, 2009 at 10:30:49PM +1000, David Gwynne wrote:
quoted text> the pfsync_state_import and _export code are shared between both pfsync 
> and the pf ioctls. userland does read the state packet and byte  
> counters, so there is a point to it.

This is true, but the design decision predates the use of pfsync_* for
the pf ioctls.

In pre-pflow(4) days, people might also use the output on the pfsync
interface either directly or via some netflow conversion to gather usage
data for their traffic, so it's needed there as well.

In the original pfsync implementation I considered trying to synchronize
the counters as well, but making sure you don't over/under count if
packets hit both firewalls would have made it overly complicated.

-Ryan

Previous message: [thread] [date] [author]
Next message: [thread] [date] [author]

Messages in current thread:

pfsync and byte/packet counters, Alexander Sabourenkov, (Tue Feb 17, 5:19 am)

Re: pfsync and byte/packet counters, David Gwynne, (Tue Feb 17, 5:30 am)

Re: pfsync and byte/packet counters, Alexander Sabourenkov, (Tue Feb 17, 7:01 am)

Re: pfsync and byte/packet counters, Ryan McBride, (Tue Feb 17, 9:25 pm)

Re: pfsync and byte/packet counters, David Gwynne, (Tue Feb 17, 9:52 pm)


linux-kernel:
Paul Turner	[tg_shares_up rewrite v4 11/11] sched: update tg->shares after cpu.shares write
Mr. James W. Laferriere	Re: Linux 2.6.25-rc1 , syntax error near unexpected token `;'
Chuck Ebbert	Re: PCI: Unable to reserve mem region problem
Mingming Cao	Re: [RFC 1/4] Large Blocksize support for Ext2/3/4
Linus Torvalds	Linux 2.6.34-rc4
git:
Ralf Wildenhues	[PATCH] Fix typos in the documentation
Adeodato	Bazaar's patience diff as GIT_EXTERNAL_DIFF
Johannes Schindelin	Re: [PATCH 2/4] Add functions get_relative_cwd() and is_inside_dir()
Len Brown	Re: fatal: unable to create '.git/index': File exists
Denis Bueno	Git clone error
git-commits-head:
Linux Kernel Mailing List	ASoC: fix registration of the SoC card in the Freescale MPC8610 drivers
Linux Kernel Mailing List	drivers/acpi: use kasprintf
Linux Kernel Mailing List	nfsd41: sanity check client drc maxreqs
Linux Kernel Mailing List	bnx2x: Moving includes
Linux Kernel Mailing List	V4L/DVB: gspca - sonixj: Adjust minor values of sensor ov7630. - set the color ga...
openbsd-misc:
Sevan / Venture37	Re: This is what Linus Torvalds calls openBSD crowd
Netmaffia.hu	Tini Lányok AKCIÓBAN OTTHON
Sam Fourman Jr.	Re: Help with Altell PC6700
Siju George	This is what Linus Torvalds calls openBSD crowd
Darrin Chandler	Re: OT: Python (was Re: vi in /bin)
linux-netdev:
Kurt Van Dijck	Re: [PATCH net-next-2.6 1/2] can: add driver for Softing card
Eric Dumazet	Re: [PATCH net-next-2.6] net: Introduce skb_orphan_try()
Jamie Lokier	Re: POHMELFS high performance network filesystem. Transactions, failover, performa...
David Miller	Re: [PATCH v2] net: typos in comments in include/linux/igmp.h
Ursula Braun	[patch 0/1] remove header_ops bug in qeth driver