Subject: ipf -z not resetting all stats (2.0.2/i386)
To: None <netbsd-users@NetBSD.org>
From: Carl Brewer <carl@bl.echidna.id.au>
List: netbsd-users
Date: 09/05/2005 13:14:34
I've just swapped out a NBSD 1.6.1 firewall with a 2.0.2
firewall, and my stats aren't playing nicely.

Every minute, I was doing this:

ipf -z -f /etc/ipf.conf (after grabbing stats from ipfstat -oa
and -ia).

This used to reset all the stats, but now I see this:

plug: {103} ipfstat -oa
42588045 count out on sip0 from any to any
0 count out on pppoe0 from any to any
17286514 count out on sip0 from 211.26.251.42/32 to any
0 count out on sip0 from 211.26.251.44/32 to any
3904816 count out on sip0 from 211.26.251.45/32 to any
40 count out on sip0 from 211.26.251.46/32 to any
21322109 count out on sip0 from 192.168.0.0/24 to any

plug: {104} ipf -z -f /etc/ipf.conf
hits 0 bytes 0 pass in quick on lo0 all
hits 0 bytes 0 pass out quick on lo0 all

plug: {105} ipfstat -oa
42589509 count out on sip0 from any to any
0 count out on pppoe0 from any to any
17286514 count out on sip0 from 211.26.251.42/32 to any
0 count out on sip0 from 211.26.251.44/32 to any
3904816 count out on sip0 from 211.26.251.45/32 to any
40 count out on sip0 from 211.26.251.46/32 to any
21323573 count out on sip0 from 192.168.0.0/24 to any


ipf.conf has this:

# usage stats :
count out on sip0 from any to any
count out on pppoe0 from any to any
count in on sip0 from any to any
count in on pppoe0 from any to any

count out on sip0 from 211.26.251.42 to any
count in on sip0 from any to 211.26.251.42
count out on sip0 from 211.26.251.44 to any
count in on sip0 from any to 211.26.251.44
count out on sip0 from 211.26.251.45 to any
count in on sip0 from any to 211.26.251.45
count out on sip0 from 211.26.251.46 to any
count in on sip0 from any to 211.26.251.46

count out on sip0 from 192.168.0.0/24 to any
count in on sip0 from any to 192.168.0.0/24



Any suggestions for what I may have misunderstood about
the change from 1.6.1 to 2.0.2?  Shouldn't ipf -z reset
*all* the counters it sees in the conf file (i.e. everything
that starts with "count")?

Thanks!

Carl
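
Added example, not part of the original post: a per-minute collector can take the difference between successive `ipfstat -oa` snapshots, so the accounting stays correct whether or not `ipf -z` zeroes a counter. The function names are hypothetical; the two snapshots are the ones shown in the message above.

```python
import re

# Snapshots copied from the two `ipfstat -oa` runs in the post above.
BEFORE = """\
42588045 count out on sip0 from any to any
0 count out on pppoe0 from any to any
17286514 count out on sip0 from 211.26.251.42/32 to any
0 count out on sip0 from 211.26.251.44/32 to any
3904816 count out on sip0 from 211.26.251.45/32 to any
40 count out on sip0 from 211.26.251.46/32 to any
21322109 count out on sip0 from 192.168.0.0/24 to any
"""
AFTER = """\
42589509 count out on sip0 from any to any
0 count out on pppoe0 from any to any
17286514 count out on sip0 from 211.26.251.42/32 to any
0 count out on sip0 from 211.26.251.44/32 to any
3904816 count out on sip0 from 211.26.251.45/32 to any
40 count out on sip0 from 211.26.251.46/32 to any
21323573 count out on sip0 from 192.168.0.0/24 to any
"""

# "<counter> count <in|out> on <if> from ... to ..."; other lines are skipped.
LINE = re.compile(r"^\s*(\d+)\s+(count\s+.+?)\s*$")

def parse_counters(text):
    """Map each accounting rule (as printed by ipfstat) to its counter."""
    counters = {}
    for line in text.splitlines():
        m = LINE.match(line)
        if m:
            counters[m.group(2)] = int(m.group(1))
    return counters

def usage_since(prev, curr):
    """Per-rule usage between two snapshots.

    A counter that went backwards was zeroed in between (ipf -z, rule
    reload, reboot), so its current value is the usage since that reset.
    """
    usage = {}
    for rule, now in curr.items():
        before = prev.get(rule, 0)
        usage[rule] = now - before if now >= before else now
    return usage

if __name__ == "__main__":
    for rule, n in usage_since(parse_counters(BEFORE), parse_counters(AFTER)).items():
        print(f"{n:>10} {rule}")
```
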