On Mon, Feb 15, 2010 at 06:57:06PM -0800, Brian Keefer wrote: > On Feb 15, 2010, at 3:29 PM, Jason Dixon wrote: > > > On Mon, Feb 15, 2010 at 03:00:59PM -0800, Brian Keefer wrote: > >> Hello, > >> > >> I'm wondering what other folks are using to graph pf data beyond what is > >> provided by pfstat. The aggregate values are useful and I'd also like to > >> setup graphs of particular services, particular tables, etc. Is there a > >> way > >> for pfstat to graph labeled traffic that I have overlooked? > > > > There are lots of different ways to graph network data on pf firewalls. > > I don't know that any (besides pfstat) are specifically designed for pf, > > but it's not hard to retrofit them. > > Are there any tools that have built-in support to query pf label counters? > Is there a MIB for pf? I'm guessing the answer to both is no, so I'd have to > write a custom script to call pfctl -sl and parse it, then dump that into RRD > or some such. Is there a better approach?
A quick Google search of "pf mib" leads you to this: http://www.packetmischief.ca/openbsd/snmp/ But it hasn't been updated since 4.4. I also don't see any support in OpenBSD's snmpd(8) for pf(4) MIBs yet. Alternatively, you can use your own scripts and call them with Net-SNMP's extend directive. That's what I use for tracking states in production. -- Jason Dixon DixonGroup Consulting http://www.dixongroup.net/
