pf_states
Sadly there is no documentation for this plugin.
#!/bin/sh
#
# OpenBSD's pf(4) monitoring for OpenBSD
# 2007, Originally by Gergely Czuczy <phoemix@harmless.hu>
# for FreeBSD systems. Ported and split by the
# immerda admin team admin(at)immerda.ch
# this version is adapted for openbsd and is only tested on
# openbsd systems.
#
# Needs to run as root.
# Add "user root" for the [pf] into plugins.conf.
#
# Options:
# - env.do_searches yes: to enable state table search monitoring`
#
#%# family=auto
#%# capabilities=autoconf
pfctl='/sbin/pfctl'
case $1 in
config)
cat <<EOF
graph_title OpenBSD pf state statistics
graph_vlabel Entries per second
graph_scale no
graph_category network
graph_args -l 0
graph_info OpenBSD's pf state statistics
states.label States
states.type GAUGE
searches.label Searches
searches.min 0
searches.type DERIVE
EOF
${pfctl} -sm 2> /dev/null | awk '
/states/ {print "states.warning "$4*0.9; print "states.critical "$4*0.95}'
exit 0
;;
autoconf)
# FreeBSD
ostype=`uname -s`
if [ ${ostype} = "FreeBSD" ]; then
# pf(4) module loaded?
if [ `kldstat -v | grep pf | wc -l` -eq 0 ]; then
echo "no (pf(4) is not loaded)"
exit 0
fi
# enabled?
if [ `pfctl -si 2>/dev/null | awk '/^Status:/{print $2}'` != "Enabled" ]; then
echo "no (pf(4) is not enabled, consult pfctl(8)"
exit 0
fi
# OpenBSD
elif [ ${ostype} = "OpenBSD" ]; then
# enabled?
if [ `pfctl -si 2>/dev/null | awk '/^Status:/{print $2}'` != "Enabled" ]; then
echo "no (pf(4) is not enabled, consult pfctl(8)"
exit 0
fi
# Other OSes
else
echo "no (this plugin is not supported on your OS)"
exit 0
fi
echo "yes"
exit 0
;;
suggest)
exit 0;
;;
esac
#
${pfctl} -si 2>/dev/null | awk '
/current entries/{print "states.value",$3}
/searches/ { print "searches.value",$2}'