|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: Nickolay Kuzmin (nick
nlb.siberia.net)Date: Thu Feb 01 2001 - 21:33:13 CST
Hello, I hope it belongs here.
I have two questions regarding IPF setup on OpenBSD (2.7 -> 2.8)
I have read the man page to no avail.
First, I cannot seem to be able to put "count" rules inside
groups:
count out on xl0 from any to 200.1.1.1/32
pass out on xl0 from any to 200.1.1.1/32
works, but
block out on xl0 all head 100
count out from any to 200.1.1.1/32 group 100
pass out from any to 200.1.1.1/32 group 100
doesn't! It complains that 'no such process'
and "count" rule is not inserted. "pass" rule works in
both cases.
Second, it is quite tedious to add "count" on per IP basis
is there any shortcut to add a mass count rule? (e.g. to collect
a per IP statistics for a /24)
OpenBSD is a 2.8 upped via CVS from 2.7
problem was present in 2.7 too.
IPF ver 3.3.18
Nickolay
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]