Project

General

Profile

Actions
Copy link

Bug #10471

closed

Host Resources module is mandatory for PF SNMP module

Added by Viktor Gurov over 4 years ago. Updated over 4 years ago.

Status:
Closed
Priority:
Normal
Assignee:
-
Category:
SNMP
Target version:
2.5.0
Start date:
04/17/2020
Due date:
% Done:

0%

Estimated time:
Plus Target Version:
Release Notes:
Affected Version:
Affected Architecture:

Description

If you select PF module without Host Resources module on the Services / SNMP page
bsnmp doesn't return PF BEGEMOT-PF-MIB:

# snmpwalk -v2c -c public 127.0.0.1 | grep pf
SNMPv2-MIB::sysDescr.0 = STRING: pfSense pfSense.test.int 2.5.0-DEVELOPMENT pfSense FreeBSD 12.0-RELEASE-p10 amd64
SNMPv2-MIB::sysName.0 = STRING: pfSense.test.int
IF-MIB::ifDescr.5 = STRING: pflog0
IF-MIB::ifDescr.6 = STRING: pfsync0
IF-MIB::ifName.5 = STRING: pflog0
IF-MIB::ifName.6 = STRING: pfsync0

You also need to select the Host Resources module to get it:

# snmpwalk -v2c -c public 127.0.0.1 | grep pf
SNMPv2-MIB::sysDescr.0 = STRING: pfSense pfSense.test.int 2.5.0-DEVELOPMENT pfSense FreeBSD 12.0-RELEASE-p10 amd64
SNMPv2-MIB::sysName.0 = STRING: pfSense.test.int
IF-MIB::ifDescr.11 = STRING: pflog0
IF-MIB::ifDescr.12 = STRING: pfsync0
HOST-RESOURCES-MIB::hrStorageDescr.263 = STRING: UMA: pf mtags
HOST-RESOURCES-MIB::hrStorageDescr.264 = STRING: UMA: pf states
HOST-RESOURCES-MIB::hrStorageDescr.265 = STRING: UMA: pf state keys
HOST-RESOURCES-MIB::hrStorageDescr.266 = STRING: UMA: pf source nodes
HOST-RESOURCES-MIB::hrStorageDescr.267 = STRING: UMA: pf table entries
HOST-RESOURCES-MIB::hrStorageDescr.268 = STRING: UMA: pf table counters
HOST-RESOURCES-MIB::hrStorageDescr.269 = STRING: UMA: pf frags
HOST-RESOURCES-MIB::hrStorageDescr.270 = STRING: UMA: pf frag entries
HOST-RESOURCES-MIB::hrStorageDescr.271 = STRING: UMA: pf state scrubs
HOST-RESOURCES-MIB::hrStorageDescr.377 = STRING: MALLOC: pfs_nodes
HOST-RESOURCES-MIB::hrStorageDescr.378 = STRING: MALLOC: pfs_vncache
HOST-RESOURCES-MIB::hrStorageDescr.383 = STRING: MALLOC: tmpfs mount
HOST-RESOURCES-MIB::hrStorageDescr.384 = STRING: MALLOC: tmpfs name
HOST-RESOURCES-MIB::hrStorageDescr.557 = STRING: MALLOC: netgraph_bpf
HOST-RESOURCES-MIB::hrStorageDescr.607 = STRING: MALLOC: tcpfunc
HOST-RESOURCES-MIB::hrStorageDescr.627 = STRING: MALLOC: pfsync
HOST-RESOURCES-MIB::hrStorageDescr.628 = STRING: MALLOC: pf_temp
HOST-RESOURCES-MIB::hrStorageDescr.629 = STRING: MALLOC: pf_hash
HOST-RESOURCES-MIB::hrStorageDescr.630 = STRING: MALLOC: pf_ifnet
HOST-RESOURCES-MIB::hrStorageDescr.631 = STRING: MALLOC: pf_tag
HOST-RESOURCES-MIB::hrStorageDescr.632 = STRING: MALLOC: pf_altq
HOST-RESOURCES-MIB::hrStorageDescr.633 = STRING: MALLOC: pf_rule
HOST-RESOURCES-MIB::hrStorageDescr.634 = STRING: MALLOC: pf_osfp
HOST-RESOURCES-MIB::hrStorageDescr.635 = STRING: MALLOC: pf_table
HOST-RESOURCES-MIB::hrSWRunName.8 = STRING: "pf purge" 
HOST-RESOURCES-MIB::hrSWRunParameters.1392 = STRING: "-q -f /etc/pfSense-devd.conf" 
HOST-RESOURCES-MIB::hrSWRunParameters.18753 = STRING: "/usr/local/libexec/sshg-fw-pf" 
HOST-RESOURCES-MIB::hrSWRunParameters.35352 = STRING: "pf" 
HOST-RESOURCES-MIB::hrSWRunParameters.66140 = STRING: "-i pflog0 -p /var/run/filterlog.pid" 
HOST-RESOURCES-MIB::hrSWInstalledName.1 = STRING: "FreeBSD: FreeBSD 12.0-RELEASE-p10 ce9563d5729(RELENG_2_5) pfSens" 
IF-MIB::ifName.11 = STRING: pflog0
IF-MIB::ifName.12 = STRING: pfsync0

from https://forum.netgate.com/topic/152640/snmp-pf-object-missing-bsnmpd

Actions
Copy link
 #2

Updated by Jim Pingle over 4 years ago

  • Status changed from New to Pull Request Review
  • Target version set to 2.5.0
Actions
Copy link
 #3

Updated by Manuel Piovan over 4 years ago

i have done some research and i found this http://www.circitor.fr/Mibs/Html/B/BEGEMOT-PF-MIB.php#begemotPf
i have discovered that pf data is indeed present, the Host Resources module only add hrStorageDescr but there is actually no data
all the pf data are indeed available with

snmpwalk -v2c -c public 127.0.0.1 1.3.6.1.4.1.12325.1.200

this lead to

SNMPv2-SMI::enterprises.12325.1.200

therefore maybe this patch is not needed

more research done, i found this under the slide of jim that, sadly, i didn't noticed before https://www.netgate.com/assets/downloads/hangouts/201803_-_pfSense_Hangout_-_mib-example.txt
if we use snmpget/walk/table we need the -M flag else we can't use the correct name

snmpget -M +/usr/share/snmp/mibs/ -v2c -c public 127.0.0.1 BEGEMOT-PF-MIB::pfStatusRunning.0


[2.5.0-DEVELOPMENT][root@pfSense.kiokoman.home]/root: snmpget -M +/usr/share/snmp/mibs/ -v2c -c snmp-pfsense 127.0.0.1 BEGEMOT-PF-MIB::pfStatusRunning.0
BEGEMOT-PF-MIB::pfStatusRunning.0 = INTEGER: true(1)
Actions
Copy link
 #4

Updated by Viktor Gurov over 4 years ago

  • Status changed from Pull Request Review to Closed
Actions
Copy link

Also available in: Atom PDF