F.URBAN wrote:
> Hi guys,
>
> I'm trying to find a way to get pf stats (i.e. return of pfctl -si)
> outside of the host to be sure that pf states count is under a certain
> value. Usually I use snmp on other *Nix based OS but with snmpd(8) I'm
> unable to achieve this (PF-MIB looks unpopulated). I agree snmp is an old
> and unsecure protocol so any other solution will fit as well.
>
> Thankfully
> F.URBAN

Just to make sure we are on the same page: could you please confirm that you are talking about snmpd from the base, not net-snmp? I personally use only snmpd from the base on OpenBSD machines and net-snmpd on all other OSs.

There is a brief section in Absolute OpenBSD, 2nd Edition about PF related MIBs. Following that section I played with net/mbrowse and sure enough they look populated to me. However, IIRC I was unable to poll them with Observium, which I am using to monitor about 35 physical servers. I also use collectd but typically don't turn on the SNMP plugin. Maybe I should.

The Book of PF (I am still using the 2nd edition here but I am ready to buy the 3rd edition) also talks briefly on page 150 about PF related MIBs, but nothing concrete. IIRC Joel Knight is the maintainer of the PF related MIBs on OpenBSD:

http://www.packetmischief.ca/2012/05/02/openbsd-5-1-snmp-mibs/

He has a bunch of nice graphs but I think he got them using Cacti.

Anyhow, I am really curious about the answers you are going to get on this very interesting question.

Cheers,
Predrag

