I was surprised with the fact that there has been no contribution in favour of my favorite UNIX flavour. So I decided why not me, someone has to begin. 1) In my firewall configuration file, besides of many more lines, there are two as follows. Well, if you decided to deploy MRTG on FreeBSD you already know how to compile the kernel, configure ipfw, natd, and so on... This is not discussed here. ############## /sbin/ipfw -q add 00002 divert natd all from any to any in recv ed0 /sbin/ipfw -q add 00003 divert natd all from any to any out xmit ed0 ############## 2) Now look into the bytesh.cfg and bytess.cfg files. They are very simple just to give you an idea for further modifications. a) Line "/sbin/ipfw show 2 3|/usr/bin/awk '{print $3}'" in file bytesh.cfg extracts the current values from rule 00002 and rule 00003 and passes them to MRTG for further processing. The third field of rule 00002 counts incoming bytes, the third field of rule 00003 counts outgoing bytes. /usr/bin/awk '{print $3}' will extract those fields for you, it's self obvious. b) In file bytess.cfg this line looks different. If you wish to build graphs in bytes per second you will have to divide the current values of rules 00002 and 00003 by 300 (if you run MRTG every five minutes) and get rid of fraction part. "/sbin/ipfw show 2 3|/usr/bin/awk '{print $3/300}'|/usr/bin/sed 's/\..*//'" 3) Now write a script which will run your MRTG with these two files. ############## #!/bin/sh /path/to/bin/mrtg /path/to/bytesh.cfg /path/to/bin/mrtg /path/to/bytess.cfg # and zero the counters. /sbin/ipfw -q zero 00002 00003 2>/dev/null ############## That's all to begin with on FreBSD. The best of luck! WBR Vitali Malicky vitali_malicky@yahoo.com.au