Hello,

I used to have a firewall with ipfw count rules in place for every IP I
had.  This worked fine, but it gave me a 2000+ ruleset that would cause
CPU to skyrocket under even the lightest of DoS attacks.

So, I have plugged in another system on the DMZ and plan to count from
there.

In the most basic sense, I am thinking of sniffing traffic on this second
machine and counting via that mechanism.

Is this a common setup - counting traffic on a second machine that the
traffic does not even flow through?  If so, are ipfw count rules used on
the counting machine, or is there a better tool for counting per-IP
traffic on a secondary system like this?

Any suggestions are appreciated.  I will be using MRTG to show the stats,
but again, I am not sure of the actual gathering / counting method I will
use ... I was planning on using ipfw count rules, but thought I would ask.

And I am not sure of how to sniff traffic and pass it to ipfw to count ..
so perhaps ipfw is not involved at all...

thanks!
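
An added example, not code from the original post or from any reply on the list. It shows the "sniff and count" approach without ipfw: the DMZ box captures with tcpdump -w (libpcap file format), and a script tallies wire bytes and packets per watched IP in both directions and prints the four-line output MRTG expects from an external script. It assumes the counting machine sits on a port that actually sees the traffic (a mirror/SPAN port, hub, or tap; an ordinary switch port will not see other hosts' packets). The parser uses only the standard library; the addresses and frames are constructed sample data, and build_frame, build_pcap, count_per_ip and mrtg_lines are names chosen for this example.

```python
import socket
import struct

# libpcap file-format constants (the format "tcpdump -w" writes)
PCAP_MAGIC = 0xA1B2C3D4          # read with "<I": host order of the file
PCAP_MAGIC_SWAPPED = 0xD4C3B2A1  # same magic seen from the other byte order
LINKTYPE_ETHERNET = 1
ETHERTYPE_IPV4 = 0x0800
ETHERTYPE_ARP = 0x0806
COUNTER_KEYS = ("in_bytes", "in_pkts", "out_bytes", "out_pkts")


def build_frame(ethertype, src_ip=None, dst_ip=None, payload_len=0):
    """Constructed sample frame: Ethernet header + IPv4 header + zero payload."""
    eth = (bytes.fromhex("001122334455") + bytes.fromhex("66778899aabb")
           + struct.pack("!H", ethertype))
    if ethertype != ETHERTYPE_IPV4:
        return eth + b"\x00" * 28  # e.g. an ARP body; never counted
    ip = struct.pack("!BBHHHBBH4s4s",
                     0x45, 0, 20 + payload_len, 0, 0, 64, 6, 0,
                     socket.inet_aton(src_ip), socket.inet_aton(dst_ip))
    return eth + ip + b"\x00" * payload_len


def build_pcap(frames, endian="<", snaplen=65535):
    """Serialize frames into a pcap byte string; snaplen truncates each record."""
    out = [struct.pack(endian + "IHHiIII", PCAP_MAGIC, 2, 4, 0, 0,
                       snaplen, LINKTYPE_ETHERNET)]
    for i, frame in enumerate(frames):
        caplen = min(len(frame), snaplen)
        # record header: ts_sec, ts_usec, captured length, original wire length
        out.append(struct.pack(endian + "IIII", 1000 + i, 0, caplen, len(frame)))
        out.append(frame[:caplen])
    return b"".join(out)


def sample_pcap(endian="<", snaplen=65535):
    """Constructed capture: three IPv4 frames around 10.0.0.1 plus one ARP frame."""
    frames = [
        build_frame(ETHERTYPE_IPV4, "10.0.0.1", "192.0.2.5", 100),  # 134 bytes out
        build_frame(ETHERTYPE_IPV4, "192.0.2.5", "10.0.0.1", 50),   # 84 bytes in
        build_frame(ETHERTYPE_IPV4, "10.0.0.2", "10.0.0.1", 10),    # 44 bytes in
        build_frame(ETHERTYPE_ARP),                                  # ignored
    ]
    return build_pcap(frames, endian, snaplen)


def count_per_ip(pcap_bytes, watched):
    """Tally bytes and packets to/from each watched IPv4 address in a pcap.

    Returns {ip: {"in_bytes", "in_pkts", "out_bytes", "out_pkts"}}.
    """
    if len(pcap_bytes) < 24:
        raise ValueError("truncated pcap header")
    magic, = struct.unpack("<I", pcap_bytes[:4])
    if magic == PCAP_MAGIC:
        endian = "<"
    elif magic == PCAP_MAGIC_SWAPPED:
        endian = ">"
    else:
        raise ValueError("not a pcap file")
    linktype = struct.unpack(endian + "IHHiIII", pcap_bytes[:24])[6]
    if linktype != LINKTYPE_ETHERNET:
        raise ValueError("only Ethernet captures are handled here")

    counters = {ip: dict.fromkeys(COUNTER_KEYS, 0) for ip in watched}
    off = 24
    while off + 16 <= len(pcap_bytes):
        _, _, caplen, origlen = struct.unpack(endian + "IIII", pcap_bytes[off:off + 16])
        off += 16
        frame = pcap_bytes[off:off + caplen]
        off += caplen
        if len(frame) < 34:          # need Ethernet + full IPv4 address fields
            continue
        ethertype, = struct.unpack("!H", frame[12:14])
        if ethertype != ETHERTYPE_IPV4 or frame[14] >> 4 != 4:
            continue                 # VLAN tags, ARP, IPv6 etc. are not counted
        src = socket.inet_ntoa(frame[26:30])
        dst = socket.inet_ntoa(frame[30:34])
        # Count the original wire length, not caplen, so a small snaplen still
        # yields correct byte totals.
        if src in counters:
            counters[src]["out_bytes"] += origlen
            counters[src]["out_pkts"] += 1
        if dst in counters:
            counters[dst]["in_bytes"] += origlen
            counters[dst]["in_pkts"] += 1
    return counters


def mrtg_lines(counters, ip):
    """MRTG external-script format: in value, out value, uptime, target name."""
    c = counters[ip]
    return [str(c["in_bytes"]), str(c["out_bytes"]), "unknown", ip]


if __name__ == "__main__":
    totals = count_per_ip(sample_pcap(), {"10.0.0.1", "10.0.0.2"})
    print("\n".join(mrtg_lines(totals, "10.0.0.1")))
```

Because MRTG treats the two values as counters by default, a real deployment keeps running totals across polls (or feeds it from a long-running sniffer) rather than re-reading a fresh capture each time; a capture can also be pre-filtered with a BPF expression such as `host 10.0.0.1` so the script only parses the frames it cares about.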

