Monitor interface status with SNMP and Nagios



  • I've noticed that SNMP on pfSense isn't well documented and most articles have you running down rabbit holes chasing down MIBs or some other nonsense. So, I wanted to post my findings and let others chime in if I missed anything.

    My goal was to monitor the operational status of an interface using Nagios. Here's what I did:

    
    List MIBs using snmpwalk:
    
    [nagios@nagios etc]$ snmpwalk -v 2c -c CommunityString 10.10.1.1
                                   ^     ^
                    Protocol version     Read Community STRING
                    pfSense uses 2c      This is set in pfSense
    
    You will get a lot of output but you mainly want these:
    
    IF-MIB::ifDescr.2 = STRING: em1
    IF-MIB::ifDescr.12 = STRING: pppoe1
    IF-MIB::ifDescr.13 = STRING: wan_stf
    IF-MIB::ifDescr.14 = STRING: ovpns2 S2S
    IF-MIB::ifDescr.15 = STRING: ovpns3 RAS
    IF-MIB::ifDescr.16 = STRING: ovpnc1 Proton
    
    IF-MIB::ifOperStatus.2 = INTEGER: up(1)
    IF-MIB::ifOperStatus.12 = INTEGER: dormant(5)
    IF-MIB::ifOperStatus.13 = INTEGER: dormant(5)
    IF-MIB::ifOperStatus.14 = INTEGER: up(1)
    IF-MIB::ifOperStatus.15 = INTEGER: up(1)
    IF-MIB::ifOperStatus.16 = INTEGER: down(2)
    
    Find the OID (add arg -O n):
    
    [nagios@nagios etc]$ snmpwalk -v 2c -O n -c CommunityString 10.10.1.1 IF-MIB::ifOperStatus
    .1.3.6.1.2.1.2.2.1.8.1 = INTEGER: up(1)
    .1.3.6.1.2.1.2.2.1.8.2 = INTEGER: up(1)
    .1.3.6.1.2.1.2.2.1.8.3 = INTEGER: down(2)
    .1.3.6.1.2.1.2.2.1.8.4 = INTEGER: down(2)
    .1.3.6.1.2.1.2.2.1.8.5 = INTEGER: down(2)
    .1.3.6.1.2.1.2.2.1.8.6 = INTEGER: dormant(5)
    .1.3.6.1.2.1.2.2.1.8.7 = INTEGER: up(1)
    .1.3.6.1.2.1.2.2.1.8.8 = INTEGER: up(1)
    .1.3.6.1.2.1.2.2.1.8.9 = INTEGER: up(1)
    .1.3.6.1.2.1.2.2.1.8.10 = INTEGER: up(1)
    .1.3.6.1.2.1.2.2.1.8.11 = INTEGER: up(1)
    .1.3.6.1.2.1.2.2.1.8.12 = INTEGER: dormant(5)
    .1.3.6.1.2.1.2.2.1.8.13 = INTEGER: dormant(5)
    .1.3.6.1.2.1.2.2.1.8.14 = INTEGER: up(1)
    .1.3.6.1.2.1.2.2.1.8.15 = INTEGER: up(1)
    .1.3.6.1.2.1.2.2.1.8.16 = INTEGER: down(2)
    ^---------------------^
             |
            OIDs
    
    Display Status of OID/MIB:
    
    MIB:
    nagios@nagios etc]$ snmpwalk -v 2c -c CommunityString 10.10.1.1 IF-MIB::ifOperStatus.2
    IF-MIB::ifOperStatus.2 = INTEGER: up(1)
    
    OID:
    [nagios@nagios etc]$ snmpwalk -v 2c -O n -c MIMIR-Technologies 172.177.1.1 .1.3.6.1.2.1.2.2.1.8.2
    .1.3.6.1.2.1.2.2.1.8.2 = INTEGER: up(1)
    
    Nagios service:
    The (-R [1345]) is regex for anything but 2, which is a down status)
    
    define service{
        use                             generic-service,srv-pnp
        host_name                       pfsense
        service_description             Interface: Outside [wan_stf]
        check_command                   check_snmp!-C CommunityString -o .1.3.6.1.2.1.2.2.1.8.13 -R "[1345]"
    }
    
    


  • Thanks, very useful :)



  • Have you done anything with the SNMP modules in the latest pfSense?
    Just curious, and thanks for your post!

    SNMP modules
    MibII
    Netgraph
    PF
    Host Resources
    UCD
    Regex



  • If you're interested, I did a write-up and released code for various pfSense non-SMTP checks with Nagios -- CPU, memory, pfSense services, VPN/IPSEC tunnels, interfaces, state table, firmware version, CPU temperature, system uptime, and more. The checks work on both Nagios Core and Nagios XI.
    https://www.linuxincluded.com/monitoring-pfsense-with-nagios-xi-using-ssh-part-1/


 

© Copyright 2002 - 2018 Rubicon Communications, LLC | Privacy Policy