Good time of the day, everybody!
Does anyone know, how to account per-direction traffic with PF?
Imagine I have a rule: pass in on $int_if from $some_machine to any keep state label some-machine
When I invoke /sbin/pfctl -sl I get something like: some-machine 5904 2510 130379
where 130371 (the last number) is the TOTAL traffic that was generated by the named rule. I wish I could know the amount of incoming traffic for that machine separately from the outgoing.
put $some_machine into a table.
table foo { $some_machine $another_one }
pass in on $int_if from <foo> to any keep statethen do:
pfctl -t ssh -vvTs
Cedric
