On 2017/02/02 14:58, Sebastian Reitenbach wrote:
> Hi,
>
> attached a new simple port to check the amount of entries in
> the PF state table. Works as advertized to me.
>
> Comments/Feedback or even OKs welcome.
>
> cheers,
> Sebastian
: This plugin needs to be able to open the pf(4) pseudo-device, which is
: mode 600 by default. If 'nagios' is the only thing that needs access to it,
: you can change the group of the device and make it mode 640.
:
: # chgrp nagios /dev/pf
: # chmod 640 /dev/pf
There is no way on earth I'd give Nagios-quality code access to /dev/pf.
I'd recommend running snmpd and doing this instead.
/usr/local/libexec/nagios/check_snmp -H localhost \
-o OPENBSD-PF-MIB::pfStateCount.0 -P 2c -C public -w 800 -c 1000
