Annotation of src/share/snmp/OPENBSD-PF-MIB.txt, Revision 1.3
1.3 ! joel 1: -- $OpenBSD: OPENBSD-PF-MIB.txt,v 1.2 2013/03/11 19:49:37 sthen Exp $
1.1 joel 2: --
1.3 ! joel 3: -- Copyright (c) 2004-2013 Joel Knight <knight.joel@gmail.com>
1.1 joel 4: --
5: -- Permission to use, copy, modify, and distribute this document for any
6: -- purpose with or without fee is hereby granted, provided that the above
7: -- copyright notice and this permission notice appear in all copies.
8: --
9: -- THE DOCUMENT IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10: -- WITH REGARD TO THIS DOCUMENT INCLUDING ALL IMPLIED WARRANTIES OF
11: -- MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12: -- ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13: -- WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14: -- ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15: -- OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS DOCUMENT.
16:
17:
18: OPENBSD-PF-MIB DEFINITIONS ::= BEGIN
19:
20: IMPORTS
21: MODULE-IDENTITY, NOTIFICATION-TYPE, OBJECT-TYPE,
22: Counter32, Counter64, Unsigned32, Integer32, IpAddress,
23: TimeTicks, enterprises
24: FROM SNMPv2-SMI
25:
26: TruthValue
27: FROM SNMPv2-TC
28:
29: openBSD
30: FROM OPENBSD-BASE-MIB
31:
32: MODULE-COMPLIANCE, OBJECT-GROUP
33: FROM SNMPv2-CONF;
34:
35: pfMIBObjects MODULE-IDENTITY
1.3 ! joel 36: LAST-UPDATED "201308310446Z"
1.1 joel 37: ORGANIZATION "OpenBSD"
38: CONTACT-INFO "
39: Author: Joel Knight
40: email: knight.joel@gmail.com
41: www: http://www.packetmischief.ca/openbsd-snmp-mibs/
42: "
43: DESCRIPTION "The MIB module for gathering information from
44: OpenBSD's packet filter.
45: "
1.3 ! joel 46: REVISION "201308310446Z"
! 47: DESCRIPTION "Add pf(4) table byte/packet counters for 'match' rules"
1.2 sthen 48: REVISION "201302242033Z"
49: DESCRIPTION "Add separate counter for failed translations"
1.1 joel 50: REVISION "201201260000Z"
51: DESCRIPTION "Add OPENBSD-PF-MIB to OpenBSD's snmpd"
52: ::= { openBSD 1 }
53:
54:
55: -- define the sections of the MIB
56:
57: pfInfo OBJECT IDENTIFIER ::= { pfMIBObjects 1 }
58: pfCounters OBJECT IDENTIFIER ::= { pfMIBObjects 2 }
59: pfStateTable OBJECT IDENTIFIER ::= { pfMIBObjects 3 }
60: pfLogInterface OBJECT IDENTIFIER ::= { pfMIBObjects 4 }
61: pfSrcTracking OBJECT IDENTIFIER ::= { pfMIBObjects 5 }
62: pfLimits OBJECT IDENTIFIER ::= { pfMIBObjects 6 }
63: pfTimeouts OBJECT IDENTIFIER ::= { pfMIBObjects 7 }
64: pfInterfaces OBJECT IDENTIFIER ::= { pfMIBObjects 8 }
65: pfTables OBJECT IDENTIFIER ::= { pfMIBObjects 9 }
66: pfLabels OBJECT IDENTIFIER ::= { pfMIBObjects 10 }
67: pfsyncStats OBJECT IDENTIFIER ::= { pfMIBObjects 11 }
68:
69:
70: -- pfInfo
71:
72: pfRunning OBJECT-TYPE
73: SYNTAX TruthValue
74: MAX-ACCESS read-only
75: STATUS current
76: DESCRIPTION
77: "Indicates whether pf is enabled or not."
78: ::= { pfInfo 1 }
79:
80: pfRuntime OBJECT-TYPE
81: SYNTAX TimeTicks
82: UNITS "1/100th of a Second"
83: MAX-ACCESS read-only
84: STATUS current
85: DESCRIPTION
86: "Indicates how long pf has been enabled. If pf is not
87: enabled, indicates how long pf has been disabled. If pf has not
88: been explicitly enabled or disabled since the system was booted,
89: the value will be 0."
90: ::= { pfInfo 2 }
91:
92: pfDebug OBJECT-TYPE
93: SYNTAX INTEGER {
94: emerg(0),
95: alert(1),
96: crit(2),
97: err(3),
98: warning(4),
99: notice(5),
100: info(6),
101: debug(7)
102: }
103: MAX-ACCESS read-only
104: STATUS current
105: DESCRIPTION
106: "Indicates the debug level that pf is running at."
107: ::= { pfInfo 3 }
108:
109: pfHostid OBJECT-TYPE
110: SYNTAX OCTET STRING
111: MAX-ACCESS read-only
112: STATUS current
113: DESCRIPTION
114: "The (unique) host id of the machine running pf."
115: ::= { pfInfo 4 }
116:
117:
118: -- pfCounters
119:
120: pfCntMatch OBJECT-TYPE
121: SYNTAX Counter64
122: MAX-ACCESS read-only
123: STATUS current
124: DESCRIPTION
125: "The number of packets that have matched a filter rule."
126: ::= { pfCounters 1 }
127:
128: pfCntBadOffset OBJECT-TYPE
129: SYNTAX Counter64
130: MAX-ACCESS read-only
131: STATUS current
132: DESCRIPTION
133: "The number of packets that have had a bad offset value."
134: ::= { pfCounters 2 }
135:
136: pfCntFragment OBJECT-TYPE
137: SYNTAX Counter64
138: MAX-ACCESS read-only
139: STATUS current
140: DESCRIPTION
141: "The number of packet fragments."
142: ::= { pfCounters 3 }
143:
144: pfCntShort OBJECT-TYPE
145: SYNTAX Counter64
146: MAX-ACCESS read-only
147: STATUS current
148: DESCRIPTION
149: "The number of packets that were too short to contain a valid header."
150: ::= { pfCounters 4 }
151:
152: pfCntNormalize OBJECT-TYPE
153: SYNTAX Counter64
154: MAX-ACCESS read-only
155: STATUS current
156: DESCRIPTION
157: "The number of packets that were normalized using the packet scrubber."
158: ::= { pfCounters 5 }
159:
160: pfCntMemory OBJECT-TYPE
161: SYNTAX Counter64
162: MAX-ACCESS read-only
163: STATUS current
164: DESCRIPTION
165: "The number of packets that were dropped due to memory limitations."
166: ::= { pfCounters 6 }
167:
168: pfCntTimestamp OBJECT-TYPE
169: SYNTAX Counter64
170: MAX-ACCESS read-only
171: STATUS current
172: DESCRIPTION
173: "The number of packets that were dropped due to improper RFC1323 timestamp."
174: ::= { pfCounters 7 }
175:
176: pfCntCongestion OBJECT-TYPE
177: SYNTAX Counter64
178: MAX-ACCESS read-only
179: STATUS current
180: DESCRIPTION
181: "The number of packets that were dropped due to congestion on the interface."
182: ::= { pfCounters 8 }
183:
184: pfCntIpOption OBJECT-TYPE
185: SYNTAX Counter64
186: MAX-ACCESS read-only
187: STATUS current
188: DESCRIPTION
189: "The number of packets that were dropped due to having options set in
190: the IP header."
191: ::= { pfCounters 9 }
192:
193: pfCntProtoCksum OBJECT-TYPE
194: SYNTAX Counter64
195: MAX-ACCESS read-only
196: STATUS current
197: DESCRIPTION
198: "The number of packets that were dropped due to memory limitations."
199: ::= { pfCounters 10 }
200:
201: pfCntStateMismatch OBJECT-TYPE
202: SYNTAX Counter64
203: MAX-ACCESS read-only
204: STATUS current
205: DESCRIPTION
206: "The number of packets that were dropped due to a state table mismatch."
207: ::= { pfCounters 11 }
208:
209: pfCntStateInsert OBJECT-TYPE
210: SYNTAX Counter64
211: MAX-ACCESS read-only
212: STATUS current
213: DESCRIPTION
214: "The number of packets that were dropped due to errors creating a
215: state table entry."
216: ::= { pfCounters 12 }
217:
218: pfCntStateLimit OBJECT-TYPE
219: SYNTAX Counter64
220: MAX-ACCESS read-only
221: STATUS current
222: DESCRIPTION
223: "The number of packets that were dropped due to the per-rule max
224: state limit being reached."
225: ::= { pfCounters 13 }
226:
227: pfCntSrcLimit OBJECT-TYPE
228: SYNTAX Counter64
229: MAX-ACCESS read-only
230: STATUS current
231: DESCRIPTION
232: "The number of packets that were dropped due to stateful connection
233: tracking. A packet could be dropped due to resource limits (memory)
234: or due to a tracking limit being reached."
235: ::= { pfCounters 14 }
236:
237: pfCntSynproxy OBJECT-TYPE
238: SYNTAX Counter64
239: MAX-ACCESS read-only
240: STATUS current
241: DESCRIPTION
242: "The number of packets that were dropped during the TCP synproxy process."
243: ::= { pfCounters 15 }
1.2 sthen 244:
245: pfCntTranslate OBJECT-TYPE
246: SYNTAX Counter64
247: MAX-ACCESS read-only
248: STATUS current
249: DESCRIPTION
250: "The number of packets that were dropped because network address
251: translation was requested and no unused port was available."
252: ::= { pfCounters 16 }
1.1 joel 253:
254:
255: -- pfStateTable
256:
257: pfStateCount OBJECT-TYPE
258: SYNTAX Unsigned32
259: MAX-ACCESS read-only
260: STATUS current
261: DESCRIPTION
262: "The number of entries in the state table."
263: ::= { pfStateTable 1 }
264:
265: pfStateSearches OBJECT-TYPE
266: SYNTAX Counter64
267: MAX-ACCESS read-only
268: STATUS current
269: DESCRIPTION
270: "The number of searches against the state table."
271: ::= { pfStateTable 2 }
272:
273: pfStateInserts OBJECT-TYPE
274: SYNTAX Counter64
275: MAX-ACCESS read-only
276: STATUS current
277: DESCRIPTION
278: "The number of inserts into the state table."
279: ::= { pfStateTable 3 }
280:
281: pfStateRemovals OBJECT-TYPE
282: SYNTAX Counter64
283: MAX-ACCESS read-only
284: STATUS current
285: DESCRIPTION
286: "The number of removals from the state table."
287: ::= { pfStateTable 4 }
288:
289:
290: -- pfLogInterface
291:
292: pfLogIfName OBJECT-TYPE
293: SYNTAX OCTET STRING
294: MAX-ACCESS read-only
295: STATUS current
296: DESCRIPTION
297: "The name of the interface configured using 'set loginterface'.
298: If no interface has been configured, the object will be empty."
299: ::= { pfLogInterface 1 }
300:
301: pfLogIfIpBytesIn OBJECT-TYPE
302: SYNTAX Counter64
303: MAX-ACCESS read-only
304: STATUS current
305: DESCRIPTION
306: "The number of IPv4 bytes passed in on the loginterface."
307: ::= { pfLogInterface 2 }
308:
309: pfLogIfIpBytesOut OBJECT-TYPE
310: SYNTAX Counter64
311: MAX-ACCESS read-only
312: STATUS current
313: DESCRIPTION
314: "The number of IPv4 bytes passed out on the loginterface."
315: ::= { pfLogInterface 3 }
316:
317: pfLogIfIpPktsInPass OBJECT-TYPE
318: SYNTAX Counter64
319: MAX-ACCESS read-only
320: STATUS current
321: DESCRIPTION
322: "The number of IPv4 packets passed in on the loginterface."
323: ::= { pfLogInterface 4 }
324:
325: pfLogIfIpPktsInDrop OBJECT-TYPE
326: SYNTAX Counter64
327: MAX-ACCESS read-only
328: STATUS current
329: DESCRIPTION
330: "The number of dropped IPv4 packets coming in on the loginterface."
331: ::= { pfLogInterface 5 }
332:
333: pfLogIfIpPktsOutPass OBJECT-TYPE
334: SYNTAX Counter64
335: MAX-ACCESS read-only
336: STATUS current
337: DESCRIPTION
338: "The number of IPv4 packets passed out on the loginterface."
339: ::= { pfLogInterface 6 }
340:
341: pfLogIfIpPktsOutDrop OBJECT-TYPE
342: SYNTAX Counter64
343: MAX-ACCESS read-only
344: STATUS current
345: DESCRIPTION
346: "The number of dropped IPv4 packets going out on the loginterface."
347: ::= { pfLogInterface 7 }
348:
349: pfLogIfIp6BytesIn OBJECT-TYPE
350: SYNTAX Counter64
351: MAX-ACCESS read-only
352: STATUS current
353: DESCRIPTION
354: "The number of IPv6 bytes passed in on the loginterface."
355: ::= { pfLogInterface 8 }
356:
357: pfLogIfIp6BytesOut OBJECT-TYPE
358: SYNTAX Counter64
359: MAX-ACCESS read-only
360: STATUS current
361: DESCRIPTION
362: "The number of IPv6 bytes passed out on the loginterface."
363: ::= { pfLogInterface 9 }
364:
365: pfLogIfIp6PktsInPass OBJECT-TYPE
366: SYNTAX Counter64
367: MAX-ACCESS read-only
368: STATUS current
369: DESCRIPTION
370: "The number of IPv6 packets passed in on the loginterface."
371: ::= { pfLogInterface 10 }
372:
373: pfLogIfIp6PktsInDrop OBJECT-TYPE
374: SYNTAX Counter64
375: MAX-ACCESS read-only
376: STATUS current
377: DESCRIPTION
378: "The number of dropped IPv6 packets coming in on the loginterface."
379: ::= { pfLogInterface 11 }
380:
381: pfLogIfIp6PktsOutPass OBJECT-TYPE
382: SYNTAX Counter64
383: MAX-ACCESS read-only
384: STATUS current
385: DESCRIPTION
386: "The number of IPv6 packets passed out on the loginterface."
387: ::= { pfLogInterface 12 }
388:
389: pfLogIfIp6PktsOutDrop OBJECT-TYPE
390: SYNTAX Counter64
391: MAX-ACCESS read-only
392: STATUS current
393: DESCRIPTION
394: "The number of dropped IPv6 packets going out on the loginterface."
395: ::= { pfLogInterface 13 }
396:
397:
398: -- pfSrcTracking
399:
400: pfSrcTrackCount OBJECT-TYPE
401: SYNTAX Unsigned32
402: MAX-ACCESS read-only
403: STATUS current
404: DESCRIPTION
405: "The number of entries in the source tracking table."
406: ::= { pfSrcTracking 1 }
407:
408: pfSrcTrackSearches OBJECT-TYPE
409: SYNTAX Counter64
410: MAX-ACCESS read-only
411: STATUS current
412: DESCRIPTION
413: "The number of searches against the source tracking table."
414: ::= { pfSrcTracking 2 }
415:
416: pfSrcTrackInserts OBJECT-TYPE
417: SYNTAX Counter64
418: MAX-ACCESS read-only
419: STATUS current
420: DESCRIPTION
421: "The number of inserts into the source tracking table."
422: ::= { pfSrcTracking 3 }
423:
424: pfSrcTrackRemovals OBJECT-TYPE
425: SYNTAX Counter64
426: MAX-ACCESS read-only
427: STATUS current
428: DESCRIPTION
429: "The number of removals from the source tracking table."
430: ::= { pfSrcTracking 4 }
431:
432:
433: -- pfLimits
434:
435: pfLimitStates OBJECT-TYPE
436: SYNTAX Unsigned32
437: MAX-ACCESS read-only
438: STATUS current
439: DESCRIPTION
440: "The maximum number of entries in the memory pool used by state
441: table entries (filter rules that specify 'keep state')."
442: ::= { pfLimits 1 }
443:
444: pfLimitSourceNodes OBJECT-TYPE
445: SYNTAX Unsigned32
446: MAX-ACCESS read-only
447: STATUS current
448: DESCRIPTION
449: "The maximum number of entries in the memory pool used for tracking
450: source IP addresses (filter rules that specify 'sticky-address' or
451: 'source-track' options)."
452: ::= { pfLimits 2 }
453:
454: pfLimitFragments OBJECT-TYPE
455: SYNTAX Unsigned32
456: MAX-ACCESS read-only
457: STATUS current
458: DESCRIPTION
459: "The maximum number of entries in the memory pool used for packet
460: reassembly (scrub rules)."
461: ::= { pfLimits 3 }
462:
463: pfLimitMaxTables OBJECT-TYPE
464: SYNTAX Unsigned32
465: MAX-ACCESS read-only
466: STATUS current
467: DESCRIPTION
468: "The maximum number of tables that can be created as part of the
469: active ruleset."
470: ::= { pfLimits 4 }
471:
472: pfLimitMaxTableEntries OBJECT-TYPE
473: SYNTAX Unsigned32
474: MAX-ACCESS read-only
475: STATUS current
476: DESCRIPTION
477: "The overall maximum number of addresses that can be stored in
478: tables."
479: ::= { pfLimits 5 }
480:
481:
482: -- pfTimeouts
483:
484: pfTimeoutTcpFirst OBJECT-TYPE
485: SYNTAX Integer32
486: MAX-ACCESS read-only
487: STATUS current
488: DESCRIPTION
489: "State after receiving the first TCP packet in a new connection."
490: ::= { pfTimeouts 1 }
491:
492: pfTimeoutTcpOpening OBJECT-TYPE
493: SYNTAX Integer32
494: MAX-ACCESS read-only
495: STATUS current
496: DESCRIPTION
497: "State before the destination host ever sends a packet in response
498: to a new connection from this host."
499: ::= { pfTimeouts 2 }
500:
501: pfTimeoutTcpEstablished OBJECT-TYPE
502: SYNTAX Integer32
503: MAX-ACCESS read-only
504: STATUS current
505: DESCRIPTION
506: "State when a TCP connection is fully established."
507: ::= { pfTimeouts 3 }
508:
509: pfTimeoutTcpClosing OBJECT-TYPE
510: SYNTAX Integer32
511: MAX-ACCESS read-only
512: STATUS current
513: DESCRIPTION
514: "State after the first FIN has been sent."
515: ::= { pfTimeouts 4 }
516:
517: pfTimeoutTcpFinWait OBJECT-TYPE
518: SYNTAX Integer32
519: MAX-ACCESS read-only
520: STATUS current
521: DESCRIPTION
522: "State after both FINs are sent and the connection is closed."
523: ::= { pfTimeouts 5 }
524:
525: pfTimeoutTcpClosed OBJECT-TYPE
526: SYNTAX Integer32
527: MAX-ACCESS read-only
528: STATUS current
529: DESCRIPTION
530: "State after the first RST has been sent."
531: ::= { pfTimeouts 6 }
532:
533: pfTimeoutUdpFirst OBJECT-TYPE
534: SYNTAX Integer32
535: MAX-ACCESS read-only
536: STATUS current
537: DESCRIPTION
538: "State after receiving the first UDP packet."
539: ::= { pfTimeouts 7 }
540:
541: pfTimeoutUdpSingle OBJECT-TYPE
542: SYNTAX Integer32
543: MAX-ACCESS read-only
544: STATUS current
545: DESCRIPTION
546: "State if the source sends more than 1 packet but the destination
547: has never sent a packet back."
548: ::= { pfTimeouts 8 }
549:
550: pfTimeoutUdpMultiple OBJECT-TYPE
551: SYNTAX Integer32
552: MAX-ACCESS read-only
553: STATUS current
554: DESCRIPTION
555: "State when both hosts have sent packets."
556: ::= { pfTimeouts 9 }
557:
558: pfTimeoutIcmpFirst OBJECT-TYPE
559: SYNTAX Integer32
560: MAX-ACCESS read-only
561: STATUS current
562: DESCRIPTION
563: "State after receiving the first ICMP packet."
564: ::= { pfTimeouts 10 }
565:
566: pfTimeoutIcmpError OBJECT-TYPE
567: SYNTAX Integer32
568: MAX-ACCESS read-only
569: STATUS current
570: DESCRIPTION
571: "State when an ICMP error comes back in response to an ICMP
572: packet."
573: ::= { pfTimeouts 11 }
574:
575: pfTimeoutOtherFirst OBJECT-TYPE
576: SYNTAX Integer32
577: MAX-ACCESS read-only
578: STATUS current
579: DESCRIPTION
580: "State after receiving the first packet."
581: ::= { pfTimeouts 12 }
582:
583: pfTimeoutOtherSingle OBJECT-TYPE
584: SYNTAX Integer32
585: MAX-ACCESS read-only
586: STATUS current
587: DESCRIPTION
588: "State if the source sends more than 1 packet but the destination
589: has never sent a packet back."
590: ::= { pfTimeouts 13 }
591:
592: pfTimeoutOtherMultiple OBJECT-TYPE
593: SYNTAX Integer32
594: MAX-ACCESS read-only
595: STATUS current
596: DESCRIPTION
597: "State when both hosts have sent packets."
598: ::= { pfTimeouts 14 }
599:
600: pfTimeoutFragment OBJECT-TYPE
601: SYNTAX Integer32
602: MAX-ACCESS read-only
603: STATUS current
604: DESCRIPTION
605: "How long before an unassembled fragment is expired."
606: ::= { pfTimeouts 15 }
607:
608: pfTimeoutInterval OBJECT-TYPE
609: SYNTAX Integer32
610: MAX-ACCESS read-only
611: STATUS current
612: DESCRIPTION
613: "Interval before purging expired states and fragments."
614: ::= { pfTimeouts 16 }
615:
616: pfTimeoutAdaptiveStart OBJECT-TYPE
617: SYNTAX Integer32
618: MAX-ACCESS read-only
619: STATUS current
620: DESCRIPTION
621: "When the number of state entries exceeds this value, adaptive
622: scaling begins."
623: ::= { pfTimeouts 17 }
624:
625: pfTimeoutAdaptiveEnd OBJECT-TYPE
626: SYNTAX Integer32
627: MAX-ACCESS read-only
628: STATUS current
629: DESCRIPTION
630: "When reaching this number of state entries, all timeout values
631: become zero, effectively purging all state entries immediately."
632: ::= { pfTimeouts 18 }
633:
634: pfTimeoutSrcTrack OBJECT-TYPE
635: SYNTAX Integer32
636: MAX-ACCESS read-only
637: STATUS current
638: DESCRIPTION
639: "Time that a source tracking entry will stay around after the
640: last state expires."
641: ::= { pfTimeouts 19 }
642:
643:
644: -- pfInterfaces
645:
646: pfIfNumber OBJECT-TYPE
647: SYNTAX Integer32
648: MAX-ACCESS read-only
649: STATUS current
650: DESCRIPTION
651: "The number of network interfaces present on this system."
652: ::= { pfInterfaces 1 }
653:
654: pfIfTable OBJECT-TYPE
655: SYNTAX SEQUENCE OF PfIfEntry
656: MAX-ACCESS not-accessible
657: STATUS current
658: DESCRIPTION
659: "A list of individual interfaces. The number of entries is
660: given by the value of pfIfNumber."
661: ::= { pfInterfaces 128 }
662:
663: pfIfEntry OBJECT-TYPE
664: SYNTAX PfIfEntry
665: MAX-ACCESS not-accessible
666: STATUS current
667: DESCRIPTION
668: "An entry containing management information applicable to a
669: particular interface."
670: INDEX { pfIfIndex }
671: ::= { pfIfTable 1 }
672:
673: PfIfEntry ::=
674: SEQUENCE {
675: pfIfIndex Integer32,
676: pfIfDescr OCTET STRING,
677: pfIfType INTEGER,
678: pfIfRefs Unsigned32,
679: pfIfRules Unsigned32,
680: pfIfIn4PassPkts Counter64,
681: pfIfIn4PassBytes Counter64,
682: pfIfIn4BlockPkts Counter64,
683: pfIfIn4BlockBytes Counter64,
684: pfIfOut4PassPkts Counter64,
685: pfIfOut4PassBytes Counter64,
686: pfIfOut4BlockPkts Counter64,
687: pfIfOut4BlockBytes Counter64,
688: pfIfIn6PassPkts Counter64,
689: pfIfIn6PassBytes Counter64,
690: pfIfIn6BlockPkts Counter64,
691: pfIfIn6BlockBytes Counter64,
692: pfIfOut6PassPkts Counter64,
693: pfIfOut6PassBytes Counter64,
694: pfIfOut6BlockPkts Counter64,
695: pfIfOut6BlockBytes Counter64
696: }
697:
698: pfIfIndex OBJECT-TYPE
699: SYNTAX Integer32 (1..2147483647)
700: MAX-ACCESS read-only
701: STATUS current
702: DESCRIPTION
703: "A unique value, greater than zero, for each interface. It
704: is recommended that values are assigned contiguously
705: starting from 1. The value for each interface sub-layer
706: must remain constant at least from one re-initialization of
707: the entity's network management system to the next re-
708: initialization."
709: ::= { pfIfEntry 1 }
710:
711: pfIfDescr OBJECT-TYPE
712: SYNTAX OCTET STRING
713: MAX-ACCESS read-only
714: STATUS current
715: DESCRIPTION
716: "The name of the interface."
717: ::= { pfIfEntry 2 }
718:
719: pfIfType OBJECT-TYPE
720: SYNTAX INTEGER { group(0), instance(1), detached(2) }
721: MAX-ACCESS read-only
722: STATUS current
723: DESCRIPTION
724: "Denotes whether the interface is a group interface, an interface
725: instance, or whether it's been removed or destroyed."
726: ::= { pfIfEntry 3 }
727:
728: pfIfRefs OBJECT-TYPE
729: SYNTAX Unsigned32
730: MAX-ACCESS read-only
731: STATUS current
732: DESCRIPTION
733: "The number of state and/or source track entries which reference
734: the interface."
735: ::= { pfIfEntry 4 }
736:
737: pfIfRules OBJECT-TYPE
738: SYNTAX Unsigned32
739: MAX-ACCESS read-only
740: STATUS current
741: DESCRIPTION
742: "The number of rules which reference the interface."
743: ::= { pfIfEntry 5 }
744:
745: pfIfIn4PassPkts OBJECT-TYPE
746: SYNTAX Counter64
747: MAX-ACCESS read-only
748: STATUS current
749: DESCRIPTION
750: "The number of IPv4 packets passed in."
751: ::= { pfIfEntry 6 }
752:
753: pfIfIn4PassBytes OBJECT-TYPE
754: SYNTAX Counter64
755: MAX-ACCESS read-only
756: STATUS current
757: DESCRIPTION
758: "The number of IPv4 bytes passed in."
759: ::= { pfIfEntry 7 }
760:
761: pfIfIn4BlockPkts OBJECT-TYPE
762: SYNTAX Counter64
763: MAX-ACCESS read-only
764: STATUS current
765: DESCRIPTION
766: "The number of incoming IPv4 packets blocked."
767: ::= { pfIfEntry 8 }
768:
769: pfIfIn4BlockBytes OBJECT-TYPE
770: SYNTAX Counter64
771: MAX-ACCESS read-only
772: STATUS current
773: DESCRIPTION
774: "The number of incoming IPv4 bytes blocked."
775: ::= { pfIfEntry 9 }
776:
777: pfIfOut4PassPkts OBJECT-TYPE
778: SYNTAX Counter64
779: MAX-ACCESS read-only
780: STATUS current
781: DESCRIPTION
782: "The number of IPv4 bytes passed out."
783: ::= { pfIfEntry 10 }
784:
785: pfIfOut4PassBytes OBJECT-TYPE
786: SYNTAX Counter64
787: MAX-ACCESS read-only
788: STATUS current
789: DESCRIPTION
790: "The number of IPv4 bytes passed out."
791: ::= { pfIfEntry 11 }
792:
793: pfIfOut4BlockPkts OBJECT-TYPE
794: SYNTAX Counter64
795: MAX-ACCESS read-only
796: STATUS current
797: DESCRIPTION
798: "The number of outgoing IPv4 bytes blocked."
799: ::= { pfIfEntry 12 }
800:
801: pfIfOut4BlockBytes OBJECT-TYPE
802: SYNTAX Counter64
803: MAX-ACCESS read-only
804: STATUS current
805: DESCRIPTION
806: "The number of outgoing IPv4 bytes blocked."
807: ::= { pfIfEntry 13 }
808:
809: pfIfIn6PassPkts OBJECT-TYPE
810: SYNTAX Counter64
811: MAX-ACCESS read-only
812: STATUS current
813: DESCRIPTION
814: "The number of IPv6 packets passed in."
815: ::= { pfIfEntry 14 }
816:
817: pfIfIn6PassBytes OBJECT-TYPE
818: SYNTAX Counter64
819: MAX-ACCESS read-only
820: STATUS current
821: DESCRIPTION
822: "The number of IPv6 bytes passed in."
823: ::= { pfIfEntry 15 }
824:
825: pfIfIn6BlockPkts OBJECT-TYPE
826: SYNTAX Counter64
827: MAX-ACCESS read-only
828: STATUS current
829: DESCRIPTION
830: "The number of incoming IPv6 packets blocked."
831: ::= { pfIfEntry 16 }
832:
833: pfIfIn6BlockBytes OBJECT-TYPE
834: SYNTAX Counter64
835: MAX-ACCESS read-only
836: STATUS current
837: DESCRIPTION
838: "The number of incoming IPv6 bytes blocked."
839: ::= { pfIfEntry 17 }
840:
841: pfIfOut6PassPkts OBJECT-TYPE
842: SYNTAX Counter64
843: MAX-ACCESS read-only
844: STATUS current
845: DESCRIPTION
846: "The number of IPv6 bytes passed out."
847: ::= { pfIfEntry 18 }
848:
849: pfIfOut6PassBytes OBJECT-TYPE
850: SYNTAX Counter64
851: MAX-ACCESS read-only
852: STATUS current
853: DESCRIPTION
854: "The number of IPv6 bytes passed out."
855: ::= { pfIfEntry 19 }
856:
857: pfIfOut6BlockPkts OBJECT-TYPE
858: SYNTAX Counter64
859: MAX-ACCESS read-only
860: STATUS current
861: DESCRIPTION
862: "The number of outgoing IPv6 bytes blocked."
863: ::= { pfIfEntry 20 }
864:
865: pfIfOut6BlockBytes OBJECT-TYPE
866: SYNTAX Counter64
867: MAX-ACCESS read-only
868: STATUS current
869: DESCRIPTION
870: "The number of outgoing IPv6 bytes blocked."
871: ::= { pfIfEntry 21 }
872:
873:
874: -- pfTables
875:
876: pfTblNumber OBJECT-TYPE
877: SYNTAX Integer32
878: MAX-ACCESS read-only
879: STATUS current
880: DESCRIPTION
881: "The number of tables present on this system."
882: ::= { pfTables 1 }
883:
884: pfTblTable OBJECT-TYPE
885: SYNTAX SEQUENCE OF TblEntry
886: MAX-ACCESS not-accessible
887: STATUS current
888: DESCRIPTION
889: "A list of individual tables. The number of entries is
890: given by the value of tblNumber."
891: ::= { pfTables 128 }
892:
893: pfTblEntry OBJECT-TYPE
894: SYNTAX TblEntry
895: MAX-ACCESS not-accessible
896: STATUS current
897: DESCRIPTION
898: "An entry containing management information applicable to a
899: particular table."
900: INDEX { pfTblIndex }
901: ::= { pfTblTable 1 }
902:
903: TblEntry ::=
904: SEQUENCE {
905: pfTblIndex Integer32,
906: pfTblName OCTET STRING,
907: pfTblAddresses Integer32,
908: pfTblAnchorRefs Integer32,
909: pfTblRuleRefs Integer32,
910: pfTblEvalsMatch Counter64,
911: pfTblEvalsNoMatch Counter64,
912: pfTblInPassPkts Counter64,
913: pfTblInPassBytes Counter64,
914: pfTblInBlockPkts Counter64,
915: pfTblInBlockBytes Counter64,
916: pfTblInXPassPkts Counter64,
917: pfTblInXPassBytes Counter64,
918: pfTblOutPassPkts Counter64,
919: pfTblOutPassBytes Counter64,
920: pfTblOutBlockPkts Counter64,
921: pfTblOutBlockBytes Counter64,
922: pfTblOutXPassPkts Counter64,
923: pfTblOutXPassBytes Counter64,
1.3 ! joel 924: pfTblStatsCleared TimeTicks,
! 925: pfTblInMatchPkts Counter64,
! 926: pfTblInMatchBytes Counter64,
! 927: pfTblOutMatchPkts Counter64,
! 928: pfTblOutMatchBytes Counter64
1.1 joel 929: }
930:
931: pfTblIndex OBJECT-TYPE
932: SYNTAX Integer32 (1..2147483647)
933: MAX-ACCESS read-only
934: STATUS current
935: DESCRIPTION
936: "A unique value, greater than zero, for each table."
937: ::= { pfTblEntry 1 }
938:
939: pfTblName OBJECT-TYPE
940: SYNTAX OCTET STRING
941: MAX-ACCESS read-only
942: STATUS current
943: DESCRIPTION
944: "The name of the table."
945: ::= { pfTblEntry 2 }
946:
947: pfTblAddresses OBJECT-TYPE
948: SYNTAX Integer32
949: MAX-ACCESS read-only
950: STATUS current
951: DESCRIPTION
952: "The number of addresses currently stored in the table."
953: ::= { pfTblEntry 3 }
954:
955: pfTblAnchorRefs OBJECT-TYPE
956: SYNTAX Integer32
957: MAX-ACCESS read-only
958: STATUS current
959: DESCRIPTION
960: "The number of anchors which reference the table."
961: ::= { pfTblEntry 4 }
962:
963: pfTblRuleRefs OBJECT-TYPE
964: SYNTAX Integer32
965: MAX-ACCESS read-only
966: STATUS current
967: DESCRIPTION
968: "The number of rules which reference the table."
969: ::= { pfTblEntry 5 }
970:
971: pfTblEvalsMatch OBJECT-TYPE
972: SYNTAX Counter64
973: MAX-ACCESS read-only
974: STATUS current
975: DESCRIPTION
976: "The number of table evaluations that produced a match."
977: ::= { pfTblEntry 6 }
978:
979: pfTblEvalsNoMatch OBJECT-TYPE
980: SYNTAX Counter64
981: MAX-ACCESS read-only
982: STATUS current
983: DESCRIPTION
984: "The number of table evaluations that didn't match."
985: ::= { pfTblEntry 7 }
986:
987: pfTblInPassPkts OBJECT-TYPE
988: SYNTAX Counter64
989: MAX-ACCESS read-only
990: STATUS current
991: DESCRIPTION
992: "The number of packets passed in that matched the table."
993: ::= { pfTblEntry 8 }
994:
995: pfTblInPassBytes OBJECT-TYPE
996: SYNTAX Counter64
997: MAX-ACCESS read-only
998: STATUS current
999: DESCRIPTION
1000: "The number of bytes passed in that matched the table."
1001: ::= { pfTblEntry 9 }
1002:
1003: pfTblInBlockPkts OBJECT-TYPE
1004: SYNTAX Counter64
1005: MAX-ACCESS read-only
1006: STATUS current
1007: DESCRIPTION
1008: "The number of incoming packets blocked that matched the table."
1009: ::= { pfTblEntry 10 }
1010:
1011: pfTblInBlockBytes OBJECT-TYPE
1012: SYNTAX Counter64
1013: MAX-ACCESS read-only
1014: STATUS current
1015: DESCRIPTION
1016: "The number incoming bytes blocked that matched the table."
1017: ::= { pfTblEntry 11 }
1018:
1019: pfTblInXPassPkts OBJECT-TYPE
1020: SYNTAX Counter64
1021: MAX-ACCESS read-only
1022: STATUS current
1023: DESCRIPTION
1024: "The number of packets statefully passed in where the state
1025: entry refers to the table, but the table no longer contains
1026: the address in question."
1027: ::= { pfTblEntry 12 }
1028:
1029: pfTblInXPassBytes OBJECT-TYPE
1030: SYNTAX Counter64
1031: MAX-ACCESS read-only
1032: STATUS current
1033: DESCRIPTION
1034: "The number of bytes statefully passed in where the state
1035: entry refers to the table, but the table no longer contains
1036: the address in question."
1037: ::= { pfTblEntry 13 }
1038:
1039: pfTblOutPassPkts OBJECT-TYPE
1040: SYNTAX Counter64
1041: MAX-ACCESS read-only
1042: STATUS current
1043: DESCRIPTION
1044: "The number of packets passed out that matched the table."
1045: ::= { pfTblEntry 14 }
1046:
1047: pfTblOutPassBytes OBJECT-TYPE
1048: SYNTAX Counter64
1049: MAX-ACCESS read-only
1050: STATUS current
1051: DESCRIPTION
1052: "The number of bytes passed out that matched the table."
1053: ::= { pfTblEntry 15 }
1054:
1055: pfTblOutBlockPkts OBJECT-TYPE
1056: SYNTAX Counter64
1057: MAX-ACCESS read-only
1058: STATUS current
1059: DESCRIPTION
1060: "The number of outgoing packets blocked that matched the table."
1061: ::= { pfTblEntry 16 }
1062:
1063: pfTblOutBlockBytes OBJECT-TYPE
1064: SYNTAX Counter64
1065: MAX-ACCESS read-only
1066: STATUS current
1067: DESCRIPTION
1068: "The number outgoing bytes blocked that matched the table."
1069: ::= { pfTblEntry 17 }
1070:
1071: pfTblOutXPassPkts OBJECT-TYPE
1072: SYNTAX Counter64
1073: MAX-ACCESS read-only
1074: STATUS current
1075: DESCRIPTION
1076: "The number of packets statefully passed out where the state
1077: entry refers to the table, but the table no longer contains
1078: the address in question."
1079: ::= { pfTblEntry 18 }
1080:
1081: pfTblOutXPassBytes OBJECT-TYPE
1082: SYNTAX Counter64
1083: MAX-ACCESS read-only
1084: STATUS current
1085: DESCRIPTION
1086: "The number of bytes statefully passed out where the state
1087: entry refers to the table, but the table no longer contains
1088: the address in question."
1089: ::= { pfTblEntry 19 }
1090:
1091: pfTblStatsCleared OBJECT-TYPE
1092: SYNTAX TimeTicks
1093: UNITS "1/100th of a Second"
1094: MAX-ACCESS read-only
1095: STATUS current
1096: DESCRIPTION
1097: "The number of seconds that have passed since the statistics
1098: for this pf table were zeroed."
1099: ::= { pfTblEntry 20 }
1100:
1.3 ! joel 1101: pfTblInMatchPkts OBJECT-TYPE
! 1102: SYNTAX Counter64
! 1103: MAX-ACCESS read-only
! 1104: STATUS current
! 1105: DESCRIPTION
! 1106: "The number of inbound packets that hit a 'match' rule where this
! 1107: particular table was referenced by the rule."
! 1108: ::= { pfTblEntry 21 }
! 1109:
! 1110: pfTblInMatchBytes OBJECT-TYPE
! 1111: SYNTAX Counter64
! 1112: MAX-ACCESS read-only
! 1113: STATUS current
! 1114: DESCRIPTION
! 1115: "The total size in bytes of all inbound packets that hit a
! 1116: 'match' rule where this particular table was referenced by
! 1117: the rule."
! 1118: ::= { pfTblEntry 22 }
! 1119:
! 1120: pfTblOutMatchPkts OBJECT-TYPE
! 1121: SYNTAX Counter64
! 1122: MAX-ACCESS read-only
! 1123: STATUS current
! 1124: DESCRIPTION
! 1125: "The number of outbound packets that hit a 'match' rule where this
! 1126: particular table was referenced by the rule."
! 1127: ::= { pfTblEntry 23 }
! 1128:
! 1129: pfTblOutMatchBytes OBJECT-TYPE
! 1130: SYNTAX Counter64
! 1131: MAX-ACCESS read-only
! 1132: STATUS current
! 1133: DESCRIPTION
! 1134: "The total size in bytes of all outbound packets that hit a
! 1135: 'match' rule where this particular table was referenced by
! 1136: the rule."
! 1137: ::= { pfTblEntry 24 }
! 1138:
1.1 joel 1139: pfTblAddrTable OBJECT-TYPE
1140: SYNTAX SEQUENCE OF TblAddrEntry
1141: MAX-ACCESS not-accessible
1142: STATUS current
1143: DESCRIPTION
1144: "A table containing the addresses/CIDR network blocks from
1145: every table on the system."
1146: ::= { pfTables 129 }
1147:
1148: pfTblAddrEntry OBJECT-TYPE
1149: SYNTAX TblAddrEntry
1150: MAX-ACCESS not-accessible
1151: STATUS current
1152: DESCRIPTION
1153: "An entry containing management information applicable to a
1154: particular table."
1155: INDEX { pfTblAddrTblIndex, pfTblAddrNet, pfTblAddrMask }
1156: ::= { pfTblAddrTable 1 }
1157:
1158: TblAddrEntry ::=
1159: SEQUENCE {
1160: pfTblAddrTblIndex Integer32,
1161: pfTblAddrNet IpAddress,
1162: pfTblAddrMask Integer32,
1163: pfTblAddrCleared TimeTicks,
1164: pfTblAddrInBlockPkts Counter64,
1165: pfTblAddrInBlockBytes Counter64,
1166: pfTblAddrInPassPkts Counter64,
1167: pfTblAddrInPassBytes Counter64,
1168: pfTblAddrOutBlockPkts Counter64,
1169: pfTblAddrOutBlockBytes Counter64,
1170: pfTblAddrOutPassPkts Counter64,
1.3 ! joel 1171: pfTblAddrOutPassBytes Counter64,
! 1172: pfTblAddrInMatchPkts Counter64,
! 1173: pfTblAddrInMatchBytes Counter64,
! 1174: pfTblAddrOutMatchPkts Counter64,
! 1175: pfTblAddrOutMatchBytes Counter64
1.1 joel 1176: }
1177:
1178: pfTblAddrTblIndex OBJECT-TYPE
1179: SYNTAX Integer32 (1..2147483647)
1180: MAX-ACCESS read-only
1181: STATUS current
1182: DESCRIPTION
1183: "The index value which uniquely identifies the table which
1184: contains this pfTblAddrNet/pfTblAddrMask pair."
1185: ::= { pfTblAddrEntry 1 }
1186:
1187: pfTblAddrNet OBJECT-TYPE
1188: SYNTAX IpAddress
1189: MAX-ACCESS read-only
1190: STATUS current
1191: DESCRIPTION
1192: "The IP address portion of the CIDR network for this
1193: particular table entry."
1194: ::= { pfTblAddrEntry 2 }
1195:
1196: pfTblAddrMask OBJECT-TYPE
1197: SYNTAX Integer32 (0..32)
1198: MAX-ACCESS read-only
1199: STATUS current
1200: DESCRIPTION
1201: "The CIDR bitmask for this particular table entry."
1202: ::= { pfTblAddrEntry 3 }
1203:
1204: pfTblAddrCleared OBJECT-TYPE
1205: SYNTAX TimeTicks
1206: UNITS "1/100th of a Second"
1207: MAX-ACCESS read-only
1208: STATUS current
1209: DESCRIPTION
1210: "The time that's passed since the statistics where last cleared, or
1211: since the pfTblAddrNet/pfTblAddrMask pair was loaded into the table,
1212: whichever is sooner."
1213: ::= { pfTblAddrEntry 4 }
1214:
1215: pfTblAddrInBlockPkts OBJECT-TYPE
1216: SYNTAX Counter64
1217: MAX-ACCESS read-only
1218: STATUS current
1219: DESCRIPTION
1220: "The number of inbound packets blocked as a result of matching
1221: this table entry."
1222: ::= { pfTblAddrEntry 5 }
1223:
1224: pfTblAddrInBlockBytes OBJECT-TYPE
1225: SYNTAX Counter64
1226: MAX-ACCESS read-only
1227: STATUS current
1228: DESCRIPTION
1229: "The number of inbound bytes blocked as a result of matching
1230: this table entry."
1231: ::= { pfTblAddrEntry 6 }
1232:
1233: pfTblAddrInPassPkts OBJECT-TYPE
1234: SYNTAX Counter64
1235: MAX-ACCESS read-only
1236: STATUS current
1237: DESCRIPTION
1238: "The number of inbound packets passed as a result of matching
1239: this table entry."
1240: ::= { pfTblAddrEntry 7 }
1241:
1242: pfTblAddrInPassBytes OBJECT-TYPE
1243: SYNTAX Counter64
1244: MAX-ACCESS read-only
1245: STATUS current
1246: DESCRIPTION
1247: "The number of inbound bytes passed as a result of matching
1248: this table entry."
1249: ::= { pfTblAddrEntry 8 }
1250:
1251: pfTblAddrOutBlockPkts OBJECT-TYPE
1252: SYNTAX Counter64
1253: MAX-ACCESS read-only
1254: STATUS current
1255: DESCRIPTION
1256: "The number of outbound packets blocked as a result of matching
1257: this table entry."
1258: ::= { pfTblAddrEntry 9 }
1259:
1260: pfTblAddrOutBlockBytes OBJECT-TYPE
1261: SYNTAX Counter64
1262: MAX-ACCESS read-only
1263: STATUS current
1264: DESCRIPTION
1265: "The number of outbound bytes blocked as a result of matching
1266: this table entry."
1267: ::= { pfTblAddrEntry 10 }
1268:
1269: pfTblAddrOutPassPkts OBJECT-TYPE
1270: SYNTAX Counter64
1271: MAX-ACCESS read-only
1272: STATUS current
1273: DESCRIPTION
1274: "The number of outbound packets passed as a result of matchin
1275: this table entry."
1276: ::= { pfTblAddrEntry 11 }
1277:
1278: pfTblAddrOutPassBytes OBJECT-TYPE
1279: SYNTAX Counter64
1280: MAX-ACCESS read-only
1281: STATUS current
1282: DESCRIPTION
1283: "The number of outbound bytes passed as a result of matchg
1284: this table entry."
1285: ::= { pfTblAddrEntry 12 }
1.3 ! joel 1286:
! 1287: pfTblAddrInMatchPkts OBJECT-TYPE
! 1288: SYNTAX Counter64
! 1289: MAX-ACCESS read-only
! 1290: STATUS current
! 1291: DESCRIPTION
! 1292: "The number of inbound packets that hit a 'match' rule where
! 1293: this table entry was referenced."
! 1294: ::= { pfTblAddrEntry 13 }
! 1295:
! 1296: pfTblAddrInMatchBytes OBJECT-TYPE
! 1297: SYNTAX Counter64
! 1298: MAX-ACCESS read-only
! 1299: STATUS current
! 1300: DESCRIPTION
! 1301: "The total size in bytes of all inbound packets that hit
! 1302: a 'match' rule where this table entry was referenced."
! 1303: ::= { pfTblAddrEntry 14 }
! 1304:
! 1305: pfTblAddrOutMatchPkts OBJECT-TYPE
! 1306: SYNTAX Counter64
! 1307: MAX-ACCESS read-only
! 1308: STATUS current
! 1309: DESCRIPTION
! 1310: "The number of outbound packets that hit a 'match' rule where
! 1311: this table entry was referenced."
! 1312: ::= { pfTblAddrEntry 15 }
! 1313:
! 1314: pfTblAddrOutMatchBytes OBJECT-TYPE
! 1315: SYNTAX Counter64
! 1316: MAX-ACCESS read-only
! 1317: STATUS current
! 1318: DESCRIPTION
! 1319: "The total size in bytes of all outbound packets that hit
! 1320: a 'match' rule where this table entry was referenced."
! 1321: ::= { pfTblAddrEntry 16 }
1.1 joel 1322:
1323:
1324: -- pfLabels
1325:
1326: pfLabelNumber OBJECT-TYPE
1327: SYNTAX Integer32
1328: MAX-ACCESS read-only
1329: STATUS current
1330: DESCRIPTION
1331: "The number of labels in the active pf ruleset."
1332: ::= { pfLabels 1 }
1333:
1334: pfLabelTable OBJECT-TYPE
1335: SYNTAX SEQUENCE OF PfLabelEntry
1336: MAX-ACCESS not-accessible
1337: STATUS current
1338: DESCRIPTION
1339: "A list of individual labels. The number of entries is
1340: given by the value of pfLabelNumber."
1341: ::= { pfLabels 128 }
1342:
1343: pfLabelEntry OBJECT-TYPE
1344: SYNTAX PfLabelEntry
1345: MAX-ACCESS not-accessible
1346: STATUS current
1347: DESCRIPTION
1348: "An entry containing management information applicable to a
1349: particular label."
1350: INDEX { pfLabelIndex }
1351: ::= { pfLabelTable 1 }
1352:
1353: PfLabelEntry ::=
1354: SEQUENCE {
1355: pfLabelIndex Integer32,
1356: pfLabelName OCTET STRING,
1357: pfLabelEvals Counter64,
1358: pfLabelPkts Counter64,
1359: pfLabelBytes Counter64,
1360: pfLabelInPkts Counter64,
1361: pfLabelInBytes Counter64,
1362: pfLabelOutPkts Counter64,
1363: pfLabelOutBytes Counter64,
1364: pfLabelTotalStates Counter32
1365: }
1366:
1367: pfLabelIndex OBJECT-TYPE
1368: SYNTAX Integer32 (1..2147483647)
1369: MAX-ACCESS read-only
1370: STATUS current
1371: DESCRIPTION
1372: "A unique value, greater than zero, for each label."
1373: ::= { pfLabelEntry 1 }
1374:
1375: pfLabelName OBJECT-TYPE
1376: SYNTAX OCTET STRING
1377: MAX-ACCESS read-only
1378: STATUS current
1379: DESCRIPTION
1380: "The name of the label."
1381: ::= { pfLabelEntry 2 }
1382:
1383: pfLabelEvals OBJECT-TYPE
1384: SYNTAX Counter64
1385: MAX-ACCESS read-only
1386: STATUS current
1387: DESCRIPTION
1388: "The number of rule evaluations."
1389: ::= { pfLabelEntry 3 }
1390:
1391: pfLabelPkts OBJECT-TYPE
1392: SYNTAX Counter64
1393: MAX-ACCESS read-only
1394: STATUS current
1395: DESCRIPTION
1396: "The total number of packets matched by the rule."
1397: ::= { pfLabelEntry 4 }
1398:
1399: pfLabelBytes OBJECT-TYPE
1400: SYNTAX Counter64
1401: MAX-ACCESS read-only
1402: STATUS current
1403: DESCRIPTION
1404: "The total number of bytes matched by the rule."
1405: ::= { pfLabelEntry 5 }
1406:
1407: pfLabelInPkts OBJECT-TYPE
1408: SYNTAX Counter64
1409: MAX-ACCESS read-only
1410: STATUS current
1411: DESCRIPTION
1412: "The number of incoming packets matched by the rule."
1413: ::= { pfLabelEntry 6 }
1414:
1415: pfLabelInBytes OBJECT-TYPE
1416: SYNTAX Counter64
1417: MAX-ACCESS read-only
1418: STATUS current
1419: DESCRIPTION
1420: "The number of incoming bytes matched by the rule."
1421: ::= { pfLabelEntry 7 }
1422:
1423: pfLabelOutPkts OBJECT-TYPE
1424: SYNTAX Counter64
1425: MAX-ACCESS read-only
1426: STATUS current
1427: DESCRIPTION
1428: "The number of outgoing packets matched by the rule."
1429: ::= { pfLabelEntry 8 }
1430:
1431: pfLabelOutBytes OBJECT-TYPE
1432: SYNTAX Counter64
1433: MAX-ACCESS read-only
1434: STATUS current
1435: DESCRIPTION
1436: "The number of outgoing bytes matched by the rule."
1437: ::= { pfLabelEntry 9 }
1438:
1439: pfLabelTotalStates OBJECT-TYPE
1440: SYNTAX Counter32
1441: MAX-ACCESS read-only
1442: STATUS current
1443: DESCRIPTION
1444: "The total number of state table entries created by this rule
1445: since the ruleset was loaded."
1446: ::= { pfLabelEntry 10 }
1447:
1448:
1449: -- pfsyncStats
1450:
1451: pfsyncIpPktsRecv OBJECT-TYPE
1452: SYNTAX Counter64
1453: MAX-ACCESS read-only
1454: STATUS current
1455: DESCRIPTION
1456: "Number of IPv4 pfsync packets received on all interfaces."
1457: ::= { pfsyncStats 1 }
1458:
1459: pfsyncIp6PktsRecv OBJECT-TYPE
1460: SYNTAX Counter64
1461: MAX-ACCESS read-only
1462: STATUS current
1463: DESCRIPTION
1464: "Number of IPv6 pfsync packets received on all interfaces."
1465: ::= { pfsyncStats 2 }
1466:
1467: pfsyncPktDiscardsForBadInterface OBJECT-TYPE
1468: SYNTAX Counter64
1469: MAX-ACCESS read-only
1470: STATUS current
1471: DESCRIPTION
1472: "Number of pfsync packets discarded because it was received
1473: on an interface that is not running pfsync."
1474: ::= { pfsyncStats 3 }
1475:
1476: pfsyncPktDiscardsForBadTtl OBJECT-TYPE
1477: SYNTAX Counter64
1478: MAX-ACCESS read-only
1479: STATUS current
1480: DESCRIPTION
1481: "Number of pfsync packets discarded due to having a TTL less
1482: than 255."
1483: ::= { pfsyncStats 4 }
1484:
1485: pfsyncPktShorterThanHeader OBJECT-TYPE
1486: SYNTAX Counter64
1487: MAX-ACCESS read-only
1488: STATUS current
1489: DESCRIPTION
1490: "Number of pfsync packets received that had a length shorter
1491: than the pfsync packet header."
1492: ::= { pfsyncStats 5 }
1493:
1494: pfsyncPktDiscardsForBadVersion OBJECT-TYPE
1495: SYNTAX Counter64
1496: MAX-ACCESS read-only
1497: STATUS current
1498: DESCRIPTION
1499: "Number of pfsync packets discarded due to incorrect protocol
1500: version."
1501: ::= { pfsyncStats 6 }
1502:
1503: pfsyncPktDiscardsForBadAction OBJECT-TYPE
1504: SYNTAX Counter64
1505: MAX-ACCESS read-only
1506: STATUS current
1507: DESCRIPTION
1508: "Number of pfsync packets discarded due to an invalid pfsync
1509: action in the header."
1510: ::= { pfsyncStats 7 }
1511:
1512: pfsyncPktDiscardsForBadLength OBJECT-TYPE
1513: SYNTAX Counter64
1514: MAX-ACCESS read-only
1515: STATUS current
1516: DESCRIPTION
1517: "Number of pfsync packets discarded due to incorrect size."
1518: ::= { pfsyncStats 8 }
1519:
1520: pfsyncPktDiscardsForBadAuth OBJECT-TYPE
1521: SYNTAX Counter64
1522: MAX-ACCESS read-only
1523: STATUS current
1524: DESCRIPTION
1525: "Number of pfsync packets discarded due to authentication failure."
1526: ::= { pfsyncStats 9 }
1527:
1528: pfsyncPktDiscardsForStaleState OBJECT-TYPE
1529: SYNTAX Counter64
1530: MAX-ACCESS read-only
1531: STATUS current
1532: DESCRIPTION
1533: "Number of pfsync packets discarded because they tried to update
1534: a stale state entry."
1535: ::= { pfsyncStats 10 }
1536:
1537: pfsyncPktDiscardsForBadValues OBJECT-TYPE
1538: SYNTAX Counter64
1539: MAX-ACCESS read-only
1540: STATUS current
1541: DESCRIPTION
1542: "Number of pfsync packets discarded due to containing bad values."
1543: ::= { pfsyncStats 11 }
1544:
1545: pfsyncPktDiscardsForBadState OBJECT-TYPE
1546: SYNTAX Counter64
1547: MAX-ACCESS read-only
1548: STATUS current
1549: DESCRIPTION
1550: "Number of pfsync packets discarded due to state insert/lookup
1551: failure."
1552: ::= { pfsyncStats 12 }
1553:
1554: pfsyncIpPktsSent OBJECT-TYPE
1555: SYNTAX Counter64
1556: MAX-ACCESS read-only
1557: STATUS current
1558: DESCRIPTION
1559: "Number of IPv4 pfsync packets sent on all interfaces."
1560: ::= { pfsyncStats 13 }
1561:
1562: pfsyncIp6PktsSent OBJECT-TYPE
1563: SYNTAX Counter64
1564: MAX-ACCESS read-only
1565: STATUS current
1566: DESCRIPTION
1567: "Number of IPv6 pfsync packets sent on all interfaces."
1568: ::= { pfsyncStats 14 }
1569:
1570: pfsyncNoMemory OBJECT-TYPE
1571: SYNTAX Counter64
1572: MAX-ACCESS read-only
1573: STATUS current
1574: DESCRIPTION
1575: "Number of pfsync packets which could not be sent due to
1576: insufficient memory."
1577: ::= { pfsyncStats 15 }
1578:
1579: pfsyncOutputErrors OBJECT-TYPE
1580: SYNTAX Counter64
1581: MAX-ACCESS read-only
1582: STATUS current
1583: DESCRIPTION
1584: "Number of pfsync packets which could not be sent."
1585: ::= { pfsyncStats 16 }
1586:
1587: END
1588:
![[BACK]](/icons/back.gif){kind=icon}
Return to OPENBSD-PF-MIB.txt CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / src / share / snmp