ipfwshow as shell builtin?

[Eugene Grosbein]

Hi!

There are some tasks that are can be easily and efficiently solved
with ipfw(8). For example, it can summarize traffic delivered
over ethernet with unicast packets (ipfw2 feature), or make sums
of traffic from/to distinct network blocks. It's not about generic
detailed traffic accounting, it's about simple sums (f.e. for MRTG).

The problem is how to get these values easly and efficiently for
the same time. To supply values for MRTG I use net-snmpd and its
'pass_persist' feature (think about one MRTG and many monitires hosts).

Simple shell script uses 'ipfw show' to return values.
It is easy but still is not very optimal. There is additional
fork+exec of /sbin/ipfw still.

It would be nice to have something lightweight like 'ipfwshow'
as /bin/sh builtin, isn't it?

Eugene Grosbein