Add support for BEGEMOT PF MIB for pfSense devices

Feature Requests
,
1

pfSense supports the BEGEMOT PF MIB (initially from FreeBSD):

It exposes several interesting metrics, notably on state tables and accepted/blocked packets per interface.

E.g. from http://glr81.free.fr/pages/pfsense-snmp-oid.htm:
Number of pfilter states
SNMPv2-SMI::enterprises::BEGEMOT-PF-MIB::pfStateTable.pfStateTableCount.0 = Gauge32
1.3.6.1.4.1.12325.1.200.1.3.1.0

Number of pfilter state inserts
SNMPv2-SMI::enterprises::BEGEMOT-PF-MIB::pfStateTable.pfStateTableInserts.0 = Counter64
1.3.6.1.4.1.12325.1.200.1.3.3.0

Number of pfilter state removal
SNMPv2-SMI::enterprises::BEGEMOT-PF-MIB::pfStateTable.pfStateTableRemovals.0 = Counter64
1.3.6.1.4.1.12325.1.200.1.3.4.0

Number of pfilter matches
SNMPv2-SMI::enterprises::BEGEMOT-PF-MIB::pfCounter.pfCounterMatch.0 = Counter64
1.3.6.1.4.1.12325.1.200.1.2.1.0

Accepted packets in vr0 (LAN)
SNMPv2-SMI::enterprises::BEGEMOT-PF-MIB::pfInterfaces.pfInterfacesIfTable.pfInterfacesIfEntry.pfInterfacesIf4PktsInPass.5 = Counter64
1.3.6.1.4.1.12325.1.200.1.8.2.1.11.5

Blocked packets in vr0 (LAN)
SNMPv2-SMI::enterprises::BEGEMOT-PF-MIB::pfInterfaces.pfInterfacesIfTable.pfInterfacesIfEntry.pfInterfacesIf4PktsInBlock.5 = Counter64
1.3.6.1.4.1.12325.1.200.1.8.2.1.12.5

Accepted packets in vr1 (WAN)
SNMPv2-SMI::enterprises::BEGEMOT-PF-MIB::pfInterfaces.pfInterfacesIfTable.pfInterfacesIfEntry.pfInterfacesIf4PktsInPass.6 = Counter64
1.3.6.1.4.1.12325.1.200.1.8.2.1.11.6

Blocked packets in vr1 (WAN)
SNMPv2-SMI::enterprises::BEGEMOT-PF-MIB::pfInterfaces.pfInterfacesIfTable.pfInterfacesIfEntry.pfInterfacesIf4PktsInBlock.6 = Counter64
1.3.6.1.4.1.12325.1.200.1.8.2.1.12.6

Accepted packets in vr2 (OPT)
SNMPv2-SMI::enterprises::BEGEMOT-PF-MIB::pfInterfaces.pfInterfacesIfTable.pfInterfacesIfEntry.pfInterfacesIf4PktsInPass.7 = Counter64
1.3.6.1.4.1.12325.1.200.1.8.2.1.11.7

Blocked packets in vr2 (OPT)
SNMPv2-SMI::enterprises::BEGEMOT-PF-MIB::pfInterfaces.pfInterfacesIfTable.pfInterfacesIfEntry.pfInterfacesIf4PktsInBlock.7 = Counter64
1.3.6.1.4.1.12325.1.200.1.8.2.1.12.7

This would make a great addition to LibreNMS if we could have graphs for this out of the box.

I can confirm this is still valid for the latest pfSense version (2.4.2).

1 Like
2

Hi,

I am working on this at the moment. I’ve implemented the following:
$states = $oids[0][‘pfStateTableCount’];
$searches = $oids[0][‘pfStateTableSearches’];
$inserts = $oids[0][‘pfStateTableInserts’];
$removals = $oids[0][‘pfStateTableCount’];
$matches = $oids[0][‘pfCounterMatch’];
$badoffset = $oids[0][‘pfCounterBadOffset’];
$fragmented = $oids[0][‘pfCounterFragment’];
$short = $oids[0][‘pfCounterShort’];
$normalized = $oids[0][‘pfCounterNormalize’];
$memdropped = $oids[0][‘pfCounterMemDrop’];

I am still trying to figure out how to do the interfaces. If I do a walk of the pfInterfacesIfEntry OID, I get more interfaces that I need. For example:
BEGEMOT-PF-MIB::pfInterfacesIfDescr.1 = STRING: “all”
BEGEMOT-PF-MIB::pfInterfacesIfDescr.2 = STRING: “enc”
BEGEMOT-PF-MIB::pfInterfacesIfDescr.3 = STRING: “enc0”
BEGEMOT-PF-MIB::pfInterfacesIfDescr.4 = STRING: “lo”
BEGEMOT-PF-MIB::pfInterfacesIfDescr.5 = STRING: “lo0”
BEGEMOT-PF-MIB::pfInterfacesIfDescr.6 = STRING: “openvpn”
BEGEMOT-PF-MIB::pfInterfacesIfDescr.7 = STRING: “ovpns1”
BEGEMOT-PF-MIB::pfInterfacesIfDescr.8 = STRING: “pflog”
BEGEMOT-PF-MIB::pfInterfacesIfDescr.9 = STRING: “pflog0”
BEGEMOT-PF-MIB::pfInterfacesIfDescr.10 = STRING: “pfsync”
BEGEMOT-PF-MIB::pfInterfacesIfDescr.11 = STRING: “pfsync0”
BEGEMOT-PF-MIB::pfInterfacesIfDescr.12 = STRING: “tun”
BEGEMOT-PF-MIB::pfInterfacesIfDescr.13 = STRING: “tun1”
BEGEMOT-PF-MIB::pfInterfacesIfDescr.14 = STRING: “vtnet0”
BEGEMOT-PF-MIB::pfInterfacesIfDescr.15 = STRING: “vtnet1”

2 Likes
3
1 Like