On Wed, Apr 05, 2006 at 11:49:12PM +0200, Per-Olov Sjöholm wrote: > The PF rule... > pass in quick on $EXTERNAL_INT inet from any to $COLOC_IPS_1 label > "TEST:$dstaddr#" keep state > > Gives a label like.... > TEST:65.45.128.128/25# 230 3099 1511793 1370 148914 1729 1362879 > > > Is there an easy way to do expansion of $COLOC_IPS_1 so that the single > rule above give labels like... > TEST:65.45.128.128/1# 230 3099 1511793 1370 148914 1729 1362879 > TEST:65.45.128.128/2# 230 3099 1511793 1370 148914 1729 1362879 > TEST:65.45.128.128/3# 230 3099 1511793 1370 148914 1729 1362879 > TEST:65.45.128.128/4# 230 3099 1511793 1370 148914 1729 1362879 > TEST:65.45.128.128/n# 230 3099 1511793 1370 148914 1729 1362879 > TEST:65.45.128.128/n+1# 230 3099 1511793 1370 148914 1729 1362879 > TEST:65.45.128.128/254# 230 3099 1511793 1370 148914 1729 1362879 > > > This so we could measure each customers dedicated server statistics.
You mean counters for each individual address within one netblock, as for 65.45.128.128/25 65.45.128.128 65.45.128.129 65.45.128.130 ... 65.45.128.255 ? Note that 65.45.128.0-127 are NOT part of 65.45.128.128/25. Or did you really mean counters for different netblocks with varying width? That's something else, entirely. And /n for n > 32 makes no sense for IPv4 :) Daniel
