Hi all, I'm running a bering firewall in my production environment and have a couple of questions about the accounting side of things with shorewall and firewall load.
How often are the counters reset, is it only on a shorewall restart (firewall reboot etc)? If I wanted to track traffic from a specific internal IP I gather I just add it to the source/destination as below? ACTION CHAIN SOURCE DESTINATION PROTO DEST PORT SRC PORT www1:COUNT - eth0 eth1:10.0.100.36 tcp 80 www1:COUNT - eth1:10.0.100.36 eth0 tcp - 80 DONE www1 How can I track how hard the firewall is working? When I say how hard, as in packet throughput, cpu load etc. What do I check for to know if I need to upgrade the CPU, or go to 1000/100 NIC's etc Cheers Adam _________________________________________ Genis-X Webmail, http://www.genis-x.com ------------------------------------------------------- This SF.net email is sponsored by OSDN developer relations Here's your chance to show off your extensive product knowledge We want to know what you know. Tell us and you have a chance to win $100 http://www.zoomerang.com/survey.zgi?HRPT1X3RYQNC5V4MLNSV3E54 ------------------------------------------------------------------------ leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html