On Mon, Feb 15, 2010 at 03:00:59PM -0800, Brian Keefer wrote: > Hello, > > I'm wondering what other folks are using to graph pf data beyond what is > provided by pfstat. The aggregate values are useful and I'd also like to > setup graphs of particular services, particular tables, etc. Is there a way > for pfstat to graph labeled traffic that I have overlooked?
There are lots of different ways to graph network data on pf firewalls. I don't know that any (besides pfstat) are specifically designed for pf, but it's not hard to retrofit them. > I also looked briefly at NetFlow support, but as near as I can tell that's > only for established flows, or am I wrong? If by "established" you mean finished, then yes. pfstat(4) exports expired states into NetFlow datagrams. NetFlow is very handy for looking at specific traffic events (or representative traffic of a large event) but is not useful for trending or regression analysis. -- Jason Dixon DixonGroup Consulting http://www.dixongroup.net/
