Compacting the "pf -v -s rules" output similar to "ipfstat -ionh"
Parv
parv at pair.com
Sun Dec 18 13:35:03 PST 2005
I am currently trying pf instead of ipf; rules were brought over
easily besides the user errors. I am still in the process of to be at
ease w/ pf logging & statistics.
Before i write it myself, has anybody got a already prepared way to
compact the "pfctl -v -s rules" output ...
pass in on lo0 all
[ Evaluations: 22188 Packets: 10925 Bytes: 8392463 States: 0 ]
pass out on lo0 all
[ Evaluations: 21850 Packets: 10925 Bytes: 8392463 States: 0 ]
block drop in on em0 all
[ Evaluations: 22188 Packets: 6 Bytes: 360 States: 0 ]
block drop in quick on em0 inet proto tcp from 192.168.2.0/24 to any port 137:139
[ Evaluations: 19 Packets: 0 Bytes: 0 States: 0 ]
... to something like ...
22188 pass in on lo0 all
21850 pass out on lo0 all
22188 block drop in on em0 all
19 block drop in quick on em0 inet proto tcp from 192.168.2.0/24 to any port 137:139
- Parv
--
More information about the freebsd-questions
mailing list