Bug #3315
closedSNMP MIB-2 Strange TCP Stats
0%
Description
SNMP TCP Values wrong or missing
PfSense Says:
-----SNMP query started-----
1: tcpRtoAlgorithm.0 vanj(4)
2: tcpRtoMin.0 30
3: tcpRtoMax.0 64000
4: tcpMaxConn.0 -1
5: tcpActiveOpens.0 23
6: tcpPassiveOpens.0 10618
7: tcpAttemptFails.0 0
8: tcpEstabResets.0 63
9: tcpCurrEstab.0 0
10: tcpInSegs.0 156903
11: tcpOutSegs.0 235807
12: tcpRetransSegs.0 703
....
33: tcpInErrs.0 119887
My Server connected through the PfSense Says...
-----SNMP query started-----
1: tcpRtoAlgorithm.0 other(1)
2: tcpRtoMin.0 200
3: tcpRtoMax.0 120000
4: tcpMaxConn.0 -1
5: tcpActiveOpens.0 142366525
6: tcpPassiveOpens.0 65676
7: tcpAttemptFails.0 203741
8: tcpEstabResets.0 474750
9: tcpCurrEstab.0 603
10: tcpInSegs.0 2378748674
11: tcpOutSegs.0 2093853134
12: tcpRetransSegs.0 89950113
......
7618: tcpInErrs.0 51951793
7619: tcpOutRsts.0 21369287
tcpCurrEstab.0 is 0 all the Time...
Updated by Chris Buechler almost 11 years ago
- Status changed from New to Rejected
It works as it's supposed to. That's connections established by, or from, the firewall itself, not traffic through it. SNMP matches up to the output of:
netstat -an |grep ESTABLISHED | wc -l
as it should.
In a stock config, there will be very few if any established TCP connections sourced from or destined to the firewall. Only if you're actively in the web interface, or SSH to the firewall, will you have anything matching tcpCurrEstab. In some instances with certain packages, like where running Squid the firewall host will have many active TCP connections.