On Mon, Dec 30, 2019 at 10:08:49PM +0100, Florian Obser wrote: > > My MXs store about 300k addresses in block lists. Trying to export > This adds filter-pf-addresses similar to filter-routers to stop snmpd > from exporting under OPENBSD-PF-MIB::pfTblAddrTable. No snmp* user, just curious: Does this still send table names themselves and only filters their contents or does that omit tables entirely?
> (Happy to hear suggestions for a better name.) "filter-tables" sounds good for the latter case. > @@ -78,6 +78,15 @@ listen on $ext_addr > .Sh GLOBAL CONFIGURATION > The following options can be set globally: > .Bl -tag -width Ds > +.It Ic filter-pf-addresses Pq Ic yes | no > +If set to > +.Ic yes , > +.Xr snmpd 8 > +will filter out the OPENBSD-PF-MIB::pfTblAddrTable tree. > +Addresses stored in PF tables not be available, but CPU use will be > +reduced during bulk walks. Verb missing before comma.
