On Tue, May 08, 2007 at 11:26:32PM +0200, carlopmart wrote:
> Hi all,
>
> I need to know some opninons about existing monitoring tools for openbsd
> carp/pf firewalls.
>
> My requsities are:
>
> - Monitor VPN conections betwwen three providers and roadwarriros clients
> (I am using another pflogd process to this) using web front-end preferred.
>
> - Monitor logs genereated by pf using web front-end prefered (real-time
> is a must)
>
> - Integrating OpenBSD events (logs, mails, etc) under an opensource SIM
> like OpenSIMS (http://opensims.sourceforge.net/) or OSSIM (www.ossim.net)
>
> Which tools do you recommends me? Somebdy have tested OpenSIMS or OSSIM
> with OPenBSD??
It's not OSSIM, but also check out the recent thread 'newbie question'
or something along those lines. I'd recommend SEC a second time.
The canonical application for network monitoring is Nagios; there are
quite a few alternatives, though.
As to pf stats, look at `ls -d /usr/ports/*/*stat /usr/ports/*/pf*`.
Very few will be real-time, but updating once a minute is usually good
enough.
Joachim
--
TFMotD: ep (4) - 3Com EtherLink III and Fast EtherLink III 10/100
Ethernet device
