On 2010-10-02, Peter N. M. Hansteen <pe...@bsdly.net> wrote: > Hermes Ojeda Ruiz <hermes....@gmail.com> writes: > >> I'm working with a OpenBSD firewall on embedded hardware, and the client >> want to know the bandwidth consume by IP address. >> >> I don't know if this is possible using PF, another tool or making scripts to >> get the information. > > There are a few options available. One is to write the rule set with > labels to collect statistics, making sure the labels are one per IP > address. The other main option is to use pflow(4), with 'set > state-defaults pflow' or 'keep state (pflow)' for individual rules in > your rule set, set up a collector somewhere and extract the data you > need per IP address. If you go for pflow, the pflow man page will get > you started.
pflow needs software to collect data; you might want to look at nfsen/nfdump, pmacct or flow-tools - all are in ports. (Note that pflow is compatible with Netflow).