NET-SNMP Package Now Available for pfSense 2.4 (SNMPv3, TLS, IPv6, and more)
-
Yeah, no longer maintained, but the pf parts for net-snmp seem to be from 2011-2012… would not seem so hopelessly outdated to port over. Proxying, yeah, not excited about that either.
-
- No direct access to pf information
What sort of information does this include?
I plan to run snmpd on my pfSense unit but I have a decision to make bsnmpd or net-snmp. The latter is my preference as I use that on dozens of server's so am used to it.
-
Things like state table size, altq information, various packet info counters tracked by pf, state table metadata… Here's the MIB from bsnmpd so you can see what's in it: http://files.atx.pfsense.org/jimp/mibs/BEGEMOT-PF-MIB.txt
-
Does this mean Observium (supports basically NET-SNMP for servers) can be used for detailed Pfsense monitoring? This sound very promising, as BSNMPd was providing limited information. Looking forward to try on a productive system.
-
I don't use observium but if it has profiles for NET-SNMP then it should be able to get anything it would usually get for a NET-SNMP host from it.
-
hmm, I finally got round to playing with this.
I did a full snmpwalk on bnsmpd data but no pf data to be found.
I may just use extend with net-snmpd instead.
-
I did a full snmpwalk on bnsmpd data but no pf data to be found.
I may just use extend with net-snmpd instead.
That's correct, net-snmpd has no special knowledge of pf. There is no current/supported net-snmp module for FreeBSD that can interface with pf. You could use some extend entries to call various pfctl commands to gather info, depending on what you need/want.
-
it was bsnmpd running on pfsense when I ran the snmpwalk.
Also a suggestion for the net-snmp package
You use the flags -Ls but this floods the log everytime a snmpd server connects, I suggest changing to -LF 0-4 I already patched my local pfsense.
root@PFSENSE pkg # ps axww | grep snmp 78025 - S 0:29.48 /usr/local/sbin/snmpd -LF 0-4 d -p /var/run/net_snmpd.pid -M /usr/share/snmp/mibs/:/usr/local/share/snmp/mibs -C -c /var/etc/netsnmpd.conf,/var/etc/netsnmpd-users.conf -
thx for this tip, my logs were being spammed also. Any idea idea if this will be rolled into a future upgrade?
For anyone else who needs to make the change, edit line 590 of /usr/local/pkg/net-snmp.inc
from/usr/local/sbin/snmpd -Ls d \to
/usr/local/sbin/snmpd -LF 0-4 d \ -
Thanks for the tip about changing that line to reduce Log Spam.
