Snmp with ipfw counter

graveler

Dear All,

I have a little problem with pfsense snmp. Refering to
http://www.devco.net/archives/2005/02/23/ipfw_rule_counters_via_snmpd.php
there is a small script to count ipfw traffics. I've already add that script into /var/etc/snmpd.conf then chmod to 755 and restart bsnmpd service but there's error getting first OID in STG ( SNMP Traffic Grapher ).
Here is the snmpd.conf

location := "192.168.1.1"
contact := "me@mymail"
read := "public"
# SNMP Trap support.
traphost := 192.168.1.1
trapport := 162
trap := "public"

system := 1     # pfSense
%snmpd
begemotSnmpdDebugDumpPdus       = 2
begemotSnmpdDebugSyslogPri      = 7
begemotSnmpdCommunityString.0.1 = $(read)
begemotTrapSinkStatus.[$(traphost)].$(trapport) = 4
begemotTrapSinkVersion.[$(traphost)].$(trapport) = 2
begemotTrapSinkComm.[$(traphost)].$(trapport) = $(trap)
begemotSnmpdCommunityDisable    = 1
begemotSnmpdPortStatus.192.168.1.1.161 = 1
begemotSnmpdLocalPortStatus."/var/run/snmpd.sock" = 1
begemotSnmpdLocalPortType."/var/run/snmpd.sock" = 4

# These are bsnmp macros not php vars.
sysContact      = $(contact)
sysLocation     = $(location)
sysObjectId     = 1.3.6.1.4.1.12325.1.1.2.1.$(system)

snmpEnableAuthenTraps = 2
begemotSnmpdModulePath."mibII"  = "/usr/lib/snmp_mibII.so"
begemotSnmpdModulePath."netgraph" = "/usr/lib/snmp_netgraph.so"
%netgraph
begemotNgControlNodeName = "snmpd"
begemotSnmpdModulePath."pf"     = "/usr/lib/snmp_pf.so"
begemotSnmpdModulePath."hostres"     = "/usr/lib/snmp_hostres.so"

exec .1.3.6.1.4.1.9999.1 ipfwCounters /bin/ipfwsnmp2.pl

script for /bin/ipfwsnmp2.pl

#!/usr/bin/perl
#
# See http://www.devco.net/archives/2005/02/23/ipfw_rule_counters_via_snmpd.php

$ipfw = "/sbin/ipfw";
$ipfwOptions = "show | grep count";

@ipfw = `$ipfw $ipfwOptions`;

$max = 0;

foreach $rule (@ipfw) {
        if ($rule =~ /^(\d+)\s+\d+\s+(\d+)/) {
                $rule = $1;
                $bytes = $2;

                $rule =~ s/^0+//;

                if ($rule gt $max) {
                        $max = $rule;
                }

                $rules[$rule] = $bytes;
        }
}

for ($i = 1; $i <= $max; $i++) {
        if ($rules[$i]) {
                print ("$rules[$i]\n");
        } else {
                print ("0\n");
        }
}

FYI : when i installed in freebsd there is no error like in pfsense.

Thanks for help.

jimp

pfSense uses bsnmpd, not net-snmp, so it does not support the exec statement.

graveler

Thanks Jim for the reply,

So pfsense uses bsnmpd, and then how to make that variable passes to snmp. I need that variable to be passed in order to count all the traffic ( or by rule ) by ipfw.

Thanks

jimp

You cannot pass a command to bsnmpd. It does not support that.

The ipfw data may be listed, but I'm not sure what OID it might be under. It doesn't appear to be in any of bsnmpd's MIB files.