Annotation of src/share/snmp/OPENBSD-PF-MIB.txt, Revision 1.5
1.5 ! mikeb 1: -- $OpenBSD: OPENBSD-PF-MIB.txt,v 1.4 2013/09/07 04:39:30 joel Exp $
1.1 joel 2: --
1.3 joel 3: -- Copyright (c) 2004-2013 Joel Knight <knight.joel@gmail.com>
1.1 joel 4: --
5: -- Permission to use, copy, modify, and distribute this document for any
6: -- purpose with or without fee is hereby granted, provided that the above
7: -- copyright notice and this permission notice appear in all copies.
8: --
9: -- THE DOCUMENT IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10: -- WITH REGARD TO THIS DOCUMENT INCLUDING ALL IMPLIED WARRANTIES OF
11: -- MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12: -- ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13: -- WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14: -- ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15: -- OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS DOCUMENT.
16:
17:
18: OPENBSD-PF-MIB DEFINITIONS ::= BEGIN
19:
20: IMPORTS
21: MODULE-IDENTITY, NOTIFICATION-TYPE, OBJECT-TYPE,
22: Counter32, Counter64, Unsigned32, Integer32, IpAddress,
23: TimeTicks, enterprises
24: FROM SNMPv2-SMI
25:
26: TruthValue
27: FROM SNMPv2-TC
28:
29: openBSD
30: FROM OPENBSD-BASE-MIB
31:
32: MODULE-COMPLIANCE, OBJECT-GROUP
33: FROM SNMPv2-CONF;
34:
35: pfMIBObjects MODULE-IDENTITY
1.5 ! mikeb 36: LAST-UPDATED "201506091728Z"
1.1 joel 37: ORGANIZATION "OpenBSD"
38: CONTACT-INFO "
39: Author: Joel Knight
40: email: knight.joel@gmail.com
41: www: http://www.packetmischief.ca/openbsd-snmp-mibs/
42: "
43: DESCRIPTION "The MIB module for gathering information from
44: OpenBSD's packet filter.
45: "
1.5 ! mikeb 46: REVISION "201506091728Z"
! 47: DESCRIPTION "Add separate counter for failed 'route-to' applications"
1.3 joel 48: REVISION "201308310446Z"
49: DESCRIPTION "Add pf(4) table byte/packet counters for 'match' rules"
1.2 sthen 50: REVISION "201302242033Z"
51: DESCRIPTION "Add separate counter for failed translations"
1.1 joel 52: REVISION "201201260000Z"
53: DESCRIPTION "Add OPENBSD-PF-MIB to OpenBSD's snmpd"
54: ::= { openBSD 1 }
55:
56:
57: -- define the sections of the MIB
58:
59: pfInfo OBJECT IDENTIFIER ::= { pfMIBObjects 1 }
60: pfCounters OBJECT IDENTIFIER ::= { pfMIBObjects 2 }
61: pfStateTable OBJECT IDENTIFIER ::= { pfMIBObjects 3 }
62: pfLogInterface OBJECT IDENTIFIER ::= { pfMIBObjects 4 }
63: pfSrcTracking OBJECT IDENTIFIER ::= { pfMIBObjects 5 }
64: pfLimits OBJECT IDENTIFIER ::= { pfMIBObjects 6 }
65: pfTimeouts OBJECT IDENTIFIER ::= { pfMIBObjects 7 }
66: pfInterfaces OBJECT IDENTIFIER ::= { pfMIBObjects 8 }
67: pfTables OBJECT IDENTIFIER ::= { pfMIBObjects 9 }
68: pfLabels OBJECT IDENTIFIER ::= { pfMIBObjects 10 }
69: pfsyncStats OBJECT IDENTIFIER ::= { pfMIBObjects 11 }
70:
71:
72: -- pfInfo
73:
74: pfRunning OBJECT-TYPE
75: SYNTAX TruthValue
76: MAX-ACCESS read-only
77: STATUS current
78: DESCRIPTION
79: "Indicates whether pf is enabled or not."
80: ::= { pfInfo 1 }
81:
82: pfRuntime OBJECT-TYPE
83: SYNTAX TimeTicks
84: UNITS "1/100th of a Second"
85: MAX-ACCESS read-only
86: STATUS current
87: DESCRIPTION
88: "Indicates how long pf has been enabled. If pf is not
89: enabled, indicates how long pf has been disabled. If pf has not
90: been explicitly enabled or disabled since the system was booted,
91: the value will be 0."
92: ::= { pfInfo 2 }
93:
94: pfDebug OBJECT-TYPE
95: SYNTAX INTEGER {
96: emerg(0),
97: alert(1),
98: crit(2),
99: err(3),
100: warning(4),
101: notice(5),
102: info(6),
103: debug(7)
104: }
105: MAX-ACCESS read-only
106: STATUS current
107: DESCRIPTION
108: "Indicates the debug level that pf is running at."
109: ::= { pfInfo 3 }
110:
111: pfHostid OBJECT-TYPE
112: SYNTAX OCTET STRING
113: MAX-ACCESS read-only
114: STATUS current
115: DESCRIPTION
116: "The (unique) host id of the machine running pf."
117: ::= { pfInfo 4 }
118:
119:
120: -- pfCounters
121:
122: pfCntMatch OBJECT-TYPE
123: SYNTAX Counter64
124: MAX-ACCESS read-only
125: STATUS current
126: DESCRIPTION
127: "The number of packets that have matched a filter rule."
128: ::= { pfCounters 1 }
129:
130: pfCntBadOffset OBJECT-TYPE
131: SYNTAX Counter64
132: MAX-ACCESS read-only
133: STATUS current
134: DESCRIPTION
135: "The number of packets that have had a bad offset value."
136: ::= { pfCounters 2 }
137:
138: pfCntFragment OBJECT-TYPE
139: SYNTAX Counter64
140: MAX-ACCESS read-only
141: STATUS current
142: DESCRIPTION
143: "The number of packet fragments."
144: ::= { pfCounters 3 }
145:
146: pfCntShort OBJECT-TYPE
147: SYNTAX Counter64
148: MAX-ACCESS read-only
149: STATUS current
150: DESCRIPTION
151: "The number of packets that were too short to contain a valid header."
152: ::= { pfCounters 4 }
153:
154: pfCntNormalize OBJECT-TYPE
155: SYNTAX Counter64
156: MAX-ACCESS read-only
157: STATUS current
158: DESCRIPTION
159: "The number of packets that were normalized using the packet scrubber."
160: ::= { pfCounters 5 }
161:
162: pfCntMemory OBJECT-TYPE
163: SYNTAX Counter64
164: MAX-ACCESS read-only
165: STATUS current
166: DESCRIPTION
167: "The number of packets that were dropped due to memory limitations."
168: ::= { pfCounters 6 }
169:
170: pfCntTimestamp OBJECT-TYPE
171: SYNTAX Counter64
172: MAX-ACCESS read-only
173: STATUS current
174: DESCRIPTION
175: "The number of packets that were dropped due to improper RFC1323 timestamp."
176: ::= { pfCounters 7 }
177:
178: pfCntCongestion OBJECT-TYPE
179: SYNTAX Counter64
180: MAX-ACCESS read-only
181: STATUS current
182: DESCRIPTION
183: "The number of packets that were dropped due to congestion on the interface."
184: ::= { pfCounters 8 }
185:
186: pfCntIpOption OBJECT-TYPE
187: SYNTAX Counter64
188: MAX-ACCESS read-only
189: STATUS current
190: DESCRIPTION
191: "The number of packets that were dropped due to having options set in
192: the IP header."
193: ::= { pfCounters 9 }
194:
195: pfCntProtoCksum OBJECT-TYPE
196: SYNTAX Counter64
197: MAX-ACCESS read-only
198: STATUS current
199: DESCRIPTION
200: "The number of packets that were dropped due to memory limitations."
201: ::= { pfCounters 10 }
202:
203: pfCntStateMismatch OBJECT-TYPE
204: SYNTAX Counter64
205: MAX-ACCESS read-only
206: STATUS current
207: DESCRIPTION
208: "The number of packets that were dropped due to a state table mismatch."
209: ::= { pfCounters 11 }
210:
211: pfCntStateInsert OBJECT-TYPE
212: SYNTAX Counter64
213: MAX-ACCESS read-only
214: STATUS current
215: DESCRIPTION
216: "The number of packets that were dropped due to errors creating a
217: state table entry."
218: ::= { pfCounters 12 }
219:
220: pfCntStateLimit OBJECT-TYPE
221: SYNTAX Counter64
222: MAX-ACCESS read-only
223: STATUS current
224: DESCRIPTION
225: "The number of packets that were dropped due to the per-rule max
226: state limit being reached."
227: ::= { pfCounters 13 }
228:
229: pfCntSrcLimit OBJECT-TYPE
230: SYNTAX Counter64
231: MAX-ACCESS read-only
232: STATUS current
233: DESCRIPTION
234: "The number of packets that were dropped due to stateful connection
235: tracking. A packet could be dropped due to resource limits (memory)
236: or due to a tracking limit being reached."
237: ::= { pfCounters 14 }
238:
239: pfCntSynproxy OBJECT-TYPE
240: SYNTAX Counter64
241: MAX-ACCESS read-only
242: STATUS current
243: DESCRIPTION
244: "The number of packets that were dropped during the TCP synproxy process."
245: ::= { pfCounters 15 }
1.2 sthen 246:
247: pfCntTranslate OBJECT-TYPE
248: SYNTAX Counter64
249: MAX-ACCESS read-only
250: STATUS current
251: DESCRIPTION
252: "The number of packets that were dropped because network address
253: translation was requested and no unused port was available."
254: ::= { pfCounters 16 }
1.1 joel 255:
1.5 ! mikeb 256: pfCntNoRoute OBJECT-TYPE
! 257: SYNTAX Counter64
! 258: MAX-ACCESS read-only
! 259: STATUS current
! 260: DESCRIPTION
! 261: "The number of packets that were dropped because policy based routing
! 262: was requested but no target addresses were available."
! 263: ::= { pfCounters 17 }
1.1 joel 264:
265: -- pfStateTable
266:
267: pfStateCount OBJECT-TYPE
268: SYNTAX Unsigned32
269: MAX-ACCESS read-only
270: STATUS current
271: DESCRIPTION
272: "The number of entries in the state table."
273: ::= { pfStateTable 1 }
274:
275: pfStateSearches OBJECT-TYPE
276: SYNTAX Counter64
277: MAX-ACCESS read-only
278: STATUS current
279: DESCRIPTION
280: "The number of searches against the state table."
281: ::= { pfStateTable 2 }
282:
283: pfStateInserts OBJECT-TYPE
284: SYNTAX Counter64
285: MAX-ACCESS read-only
286: STATUS current
287: DESCRIPTION
288: "The number of inserts into the state table."
289: ::= { pfStateTable 3 }
290:
291: pfStateRemovals OBJECT-TYPE
292: SYNTAX Counter64
293: MAX-ACCESS read-only
294: STATUS current
295: DESCRIPTION
296: "The number of removals from the state table."
297: ::= { pfStateTable 4 }
298:
299:
300: -- pfLogInterface
301:
302: pfLogIfName OBJECT-TYPE
303: SYNTAX OCTET STRING
304: MAX-ACCESS read-only
305: STATUS current
306: DESCRIPTION
307: "The name of the interface configured using 'set loginterface'.
308: If no interface has been configured, the object will be empty."
309: ::= { pfLogInterface 1 }
310:
311: pfLogIfIpBytesIn OBJECT-TYPE
312: SYNTAX Counter64
313: MAX-ACCESS read-only
314: STATUS current
315: DESCRIPTION
316: "The number of IPv4 bytes passed in on the loginterface."
317: ::= { pfLogInterface 2 }
318:
319: pfLogIfIpBytesOut OBJECT-TYPE
320: SYNTAX Counter64
321: MAX-ACCESS read-only
322: STATUS current
323: DESCRIPTION
324: "The number of IPv4 bytes passed out on the loginterface."
325: ::= { pfLogInterface 3 }
326:
327: pfLogIfIpPktsInPass OBJECT-TYPE
328: SYNTAX Counter64
329: MAX-ACCESS read-only
330: STATUS current
331: DESCRIPTION
332: "The number of IPv4 packets passed in on the loginterface."
333: ::= { pfLogInterface 4 }
334:
335: pfLogIfIpPktsInDrop OBJECT-TYPE
336: SYNTAX Counter64
337: MAX-ACCESS read-only
338: STATUS current
339: DESCRIPTION
340: "The number of dropped IPv4 packets coming in on the loginterface."
341: ::= { pfLogInterface 5 }
342:
343: pfLogIfIpPktsOutPass OBJECT-TYPE
344: SYNTAX Counter64
345: MAX-ACCESS read-only
346: STATUS current
347: DESCRIPTION
348: "The number of IPv4 packets passed out on the loginterface."
349: ::= { pfLogInterface 6 }
350:
351: pfLogIfIpPktsOutDrop OBJECT-TYPE
352: SYNTAX Counter64
353: MAX-ACCESS read-only
354: STATUS current
355: DESCRIPTION
356: "The number of dropped IPv4 packets going out on the loginterface."
357: ::= { pfLogInterface 7 }
358:
359: pfLogIfIp6BytesIn OBJECT-TYPE
360: SYNTAX Counter64
361: MAX-ACCESS read-only
362: STATUS current
363: DESCRIPTION
364: "The number of IPv6 bytes passed in on the loginterface."
365: ::= { pfLogInterface 8 }
366:
367: pfLogIfIp6BytesOut OBJECT-TYPE
368: SYNTAX Counter64
369: MAX-ACCESS read-only
370: STATUS current
371: DESCRIPTION
372: "The number of IPv6 bytes passed out on the loginterface."
373: ::= { pfLogInterface 9 }
374:
375: pfLogIfIp6PktsInPass OBJECT-TYPE
376: SYNTAX Counter64
377: MAX-ACCESS read-only
378: STATUS current
379: DESCRIPTION
380: "The number of IPv6 packets passed in on the loginterface."
381: ::= { pfLogInterface 10 }
382:
383: pfLogIfIp6PktsInDrop OBJECT-TYPE
384: SYNTAX Counter64
385: MAX-ACCESS read-only
386: STATUS current
387: DESCRIPTION
388: "The number of dropped IPv6 packets coming in on the loginterface."
389: ::= { pfLogInterface 11 }
390:
391: pfLogIfIp6PktsOutPass OBJECT-TYPE
392: SYNTAX Counter64
393: MAX-ACCESS read-only
394: STATUS current
395: DESCRIPTION
396: "The number of IPv6 packets passed out on the loginterface."
397: ::= { pfLogInterface 12 }
398:
399: pfLogIfIp6PktsOutDrop OBJECT-TYPE
400: SYNTAX Counter64
401: MAX-ACCESS read-only
402: STATUS current
403: DESCRIPTION
404: "The number of dropped IPv6 packets going out on the loginterface."
405: ::= { pfLogInterface 13 }
406:
407:
408: -- pfSrcTracking
409:
410: pfSrcTrackCount OBJECT-TYPE
411: SYNTAX Unsigned32
412: MAX-ACCESS read-only
413: STATUS current
414: DESCRIPTION
415: "The number of entries in the source tracking table."
416: ::= { pfSrcTracking 1 }
417:
418: pfSrcTrackSearches OBJECT-TYPE
419: SYNTAX Counter64
420: MAX-ACCESS read-only
421: STATUS current
422: DESCRIPTION
423: "The number of searches against the source tracking table."
424: ::= { pfSrcTracking 2 }
425:
426: pfSrcTrackInserts OBJECT-TYPE
427: SYNTAX Counter64
428: MAX-ACCESS read-only
429: STATUS current
430: DESCRIPTION
431: "The number of inserts into the source tracking table."
432: ::= { pfSrcTracking 3 }
433:
434: pfSrcTrackRemovals OBJECT-TYPE
435: SYNTAX Counter64
436: MAX-ACCESS read-only
437: STATUS current
438: DESCRIPTION
439: "The number of removals from the source tracking table."
440: ::= { pfSrcTracking 4 }
441:
442:
443: -- pfLimits
444:
445: pfLimitStates OBJECT-TYPE
446: SYNTAX Unsigned32
447: MAX-ACCESS read-only
448: STATUS current
449: DESCRIPTION
450: "The maximum number of entries in the memory pool used by state
451: table entries (filter rules that specify 'keep state')."
452: ::= { pfLimits 1 }
453:
454: pfLimitSourceNodes OBJECT-TYPE
455: SYNTAX Unsigned32
456: MAX-ACCESS read-only
457: STATUS current
458: DESCRIPTION
459: "The maximum number of entries in the memory pool used for tracking
460: source IP addresses (filter rules that specify 'sticky-address' or
461: 'source-track' options)."
462: ::= { pfLimits 2 }
463:
464: pfLimitFragments OBJECT-TYPE
465: SYNTAX Unsigned32
466: MAX-ACCESS read-only
467: STATUS current
468: DESCRIPTION
469: "The maximum number of entries in the memory pool used for packet
470: reassembly (scrub rules)."
471: ::= { pfLimits 3 }
472:
473: pfLimitMaxTables OBJECT-TYPE
474: SYNTAX Unsigned32
475: MAX-ACCESS read-only
476: STATUS current
477: DESCRIPTION
478: "The maximum number of tables that can be created as part of the
479: active ruleset."
480: ::= { pfLimits 4 }
481:
482: pfLimitMaxTableEntries OBJECT-TYPE
483: SYNTAX Unsigned32
484: MAX-ACCESS read-only
485: STATUS current
486: DESCRIPTION
487: "The overall maximum number of addresses that can be stored in
488: tables."
489: ::= { pfLimits 5 }
490:
491:
492: -- pfTimeouts
493:
494: pfTimeoutTcpFirst OBJECT-TYPE
495: SYNTAX Integer32
496: MAX-ACCESS read-only
497: STATUS current
498: DESCRIPTION
499: "State after receiving the first TCP packet in a new connection."
500: ::= { pfTimeouts 1 }
501:
502: pfTimeoutTcpOpening OBJECT-TYPE
503: SYNTAX Integer32
504: MAX-ACCESS read-only
505: STATUS current
506: DESCRIPTION
507: "State before the destination host ever sends a packet in response
508: to a new connection from this host."
509: ::= { pfTimeouts 2 }
510:
511: pfTimeoutTcpEstablished OBJECT-TYPE
512: SYNTAX Integer32
513: MAX-ACCESS read-only
514: STATUS current
515: DESCRIPTION
516: "State when a TCP connection is fully established."
517: ::= { pfTimeouts 3 }
518:
519: pfTimeoutTcpClosing OBJECT-TYPE
520: SYNTAX Integer32
521: MAX-ACCESS read-only
522: STATUS current
523: DESCRIPTION
524: "State after the first FIN has been sent."
525: ::= { pfTimeouts 4 }
526:
527: pfTimeoutTcpFinWait OBJECT-TYPE
528: SYNTAX Integer32
529: MAX-ACCESS read-only
530: STATUS current
531: DESCRIPTION
532: "State after both FINs are sent and the connection is closed."
533: ::= { pfTimeouts 5 }
534:
535: pfTimeoutTcpClosed OBJECT-TYPE
536: SYNTAX Integer32
537: MAX-ACCESS read-only
538: STATUS current
539: DESCRIPTION
540: "State after the first RST has been sent."
541: ::= { pfTimeouts 6 }
542:
543: pfTimeoutUdpFirst OBJECT-TYPE
544: SYNTAX Integer32
545: MAX-ACCESS read-only
546: STATUS current
547: DESCRIPTION
548: "State after receiving the first UDP packet."
549: ::= { pfTimeouts 7 }
550:
551: pfTimeoutUdpSingle OBJECT-TYPE
552: SYNTAX Integer32
553: MAX-ACCESS read-only
554: STATUS current
555: DESCRIPTION
556: "State if the source sends more than 1 packet but the destination
557: has never sent a packet back."
558: ::= { pfTimeouts 8 }
559:
560: pfTimeoutUdpMultiple OBJECT-TYPE
561: SYNTAX Integer32
562: MAX-ACCESS read-only
563: STATUS current
564: DESCRIPTION
565: "State when both hosts have sent packets."
566: ::= { pfTimeouts 9 }
567:
568: pfTimeoutIcmpFirst OBJECT-TYPE
569: SYNTAX Integer32
570: MAX-ACCESS read-only
571: STATUS current
572: DESCRIPTION
573: "State after receiving the first ICMP packet."
574: ::= { pfTimeouts 10 }
575:
576: pfTimeoutIcmpError OBJECT-TYPE
577: SYNTAX Integer32
578: MAX-ACCESS read-only
579: STATUS current
580: DESCRIPTION
581: "State when an ICMP error comes back in response to an ICMP
582: packet."
583: ::= { pfTimeouts 11 }
584:
585: pfTimeoutOtherFirst OBJECT-TYPE
586: SYNTAX Integer32
587: MAX-ACCESS read-only
588: STATUS current
589: DESCRIPTION
590: "State after receiving the first packet."
591: ::= { pfTimeouts 12 }
592:
593: pfTimeoutOtherSingle OBJECT-TYPE
594: SYNTAX Integer32
595: MAX-ACCESS read-only
596: STATUS current
597: DESCRIPTION
598: "State if the source sends more than 1 packet but the destination
599: has never sent a packet back."
600: ::= { pfTimeouts 13 }
601:
602: pfTimeoutOtherMultiple OBJECT-TYPE
603: SYNTAX Integer32
604: MAX-ACCESS read-only
605: STATUS current
606: DESCRIPTION
607: "State when both hosts have sent packets."
608: ::= { pfTimeouts 14 }
609:
610: pfTimeoutFragment OBJECT-TYPE
611: SYNTAX Integer32
612: MAX-ACCESS read-only
613: STATUS current
614: DESCRIPTION
615: "How long before an unassembled fragment is expired."
616: ::= { pfTimeouts 15 }
617:
618: pfTimeoutInterval OBJECT-TYPE
619: SYNTAX Integer32
620: MAX-ACCESS read-only
621: STATUS current
622: DESCRIPTION
623: "Interval before purging expired states and fragments."
624: ::= { pfTimeouts 16 }
625:
626: pfTimeoutAdaptiveStart OBJECT-TYPE
627: SYNTAX Integer32
628: MAX-ACCESS read-only
629: STATUS current
630: DESCRIPTION
631: "When the number of state entries exceeds this value, adaptive
632: scaling begins."
633: ::= { pfTimeouts 17 }
634:
635: pfTimeoutAdaptiveEnd OBJECT-TYPE
636: SYNTAX Integer32
637: MAX-ACCESS read-only
638: STATUS current
639: DESCRIPTION
640: "When reaching this number of state entries, all timeout values
641: become zero, effectively purging all state entries immediately."
642: ::= { pfTimeouts 18 }
643:
644: pfTimeoutSrcTrack OBJECT-TYPE
645: SYNTAX Integer32
646: MAX-ACCESS read-only
647: STATUS current
648: DESCRIPTION
649: "Time that a source tracking entry will stay around after the
650: last state expires."
651: ::= { pfTimeouts 19 }
652:
653:
654: -- pfInterfaces
655:
656: pfIfNumber OBJECT-TYPE
657: SYNTAX Integer32
658: MAX-ACCESS read-only
659: STATUS current
660: DESCRIPTION
661: "The number of network interfaces present on this system."
662: ::= { pfInterfaces 1 }
663:
664: pfIfTable OBJECT-TYPE
665: SYNTAX SEQUENCE OF PfIfEntry
666: MAX-ACCESS not-accessible
667: STATUS current
668: DESCRIPTION
669: "A list of individual interfaces. The number of entries is
670: given by the value of pfIfNumber."
671: ::= { pfInterfaces 128 }
672:
673: pfIfEntry OBJECT-TYPE
674: SYNTAX PfIfEntry
675: MAX-ACCESS not-accessible
676: STATUS current
677: DESCRIPTION
678: "An entry containing management information applicable to a
679: particular interface."
680: INDEX { pfIfIndex }
681: ::= { pfIfTable 1 }
682:
683: PfIfEntry ::=
684: SEQUENCE {
685: pfIfIndex Integer32,
686: pfIfDescr OCTET STRING,
687: pfIfType INTEGER,
688: pfIfRefs Unsigned32,
689: pfIfRules Unsigned32,
690: pfIfIn4PassPkts Counter64,
691: pfIfIn4PassBytes Counter64,
692: pfIfIn4BlockPkts Counter64,
693: pfIfIn4BlockBytes Counter64,
694: pfIfOut4PassPkts Counter64,
695: pfIfOut4PassBytes Counter64,
696: pfIfOut4BlockPkts Counter64,
697: pfIfOut4BlockBytes Counter64,
698: pfIfIn6PassPkts Counter64,
699: pfIfIn6PassBytes Counter64,
700: pfIfIn6BlockPkts Counter64,
701: pfIfIn6BlockBytes Counter64,
702: pfIfOut6PassPkts Counter64,
703: pfIfOut6PassBytes Counter64,
704: pfIfOut6BlockPkts Counter64,
705: pfIfOut6BlockBytes Counter64
706: }
707:
708: pfIfIndex OBJECT-TYPE
709: SYNTAX Integer32 (1..2147483647)
710: MAX-ACCESS read-only
711: STATUS current
712: DESCRIPTION
713: "A unique value, greater than zero, for each interface. It
714: is recommended that values are assigned contiguously
715: starting from 1. The value for each interface sub-layer
716: must remain constant at least from one re-initialization of
717: the entity's network management system to the next re-
718: initialization."
719: ::= { pfIfEntry 1 }
720:
721: pfIfDescr OBJECT-TYPE
722: SYNTAX OCTET STRING
723: MAX-ACCESS read-only
724: STATUS current
725: DESCRIPTION
726: "The name of the interface."
727: ::= { pfIfEntry 2 }
728:
729: pfIfType OBJECT-TYPE
730: SYNTAX INTEGER { group(0), instance(1), detached(2) }
731: MAX-ACCESS read-only
732: STATUS current
733: DESCRIPTION
734: "Denotes whether the interface is a group interface, an interface
735: instance, or whether it's been removed or destroyed."
736: ::= { pfIfEntry 3 }
737:
738: pfIfRefs OBJECT-TYPE
739: SYNTAX Unsigned32
740: MAX-ACCESS read-only
741: STATUS current
742: DESCRIPTION
743: "The number of state and/or source track entries which reference
744: the interface."
745: ::= { pfIfEntry 4 }
746:
747: pfIfRules OBJECT-TYPE
748: SYNTAX Unsigned32
749: MAX-ACCESS read-only
750: STATUS current
751: DESCRIPTION
752: "The number of rules which reference the interface."
753: ::= { pfIfEntry 5 }
754:
755: pfIfIn4PassPkts OBJECT-TYPE
756: SYNTAX Counter64
757: MAX-ACCESS read-only
758: STATUS current
759: DESCRIPTION
760: "The number of IPv4 packets passed in."
761: ::= { pfIfEntry 6 }
762:
763: pfIfIn4PassBytes OBJECT-TYPE
764: SYNTAX Counter64
765: MAX-ACCESS read-only
766: STATUS current
767: DESCRIPTION
768: "The number of IPv4 bytes passed in."
769: ::= { pfIfEntry 7 }
770:
771: pfIfIn4BlockPkts OBJECT-TYPE
772: SYNTAX Counter64
773: MAX-ACCESS read-only
774: STATUS current
775: DESCRIPTION
776: "The number of incoming IPv4 packets blocked."
777: ::= { pfIfEntry 8 }
778:
779: pfIfIn4BlockBytes OBJECT-TYPE
780: SYNTAX Counter64
781: MAX-ACCESS read-only
782: STATUS current
783: DESCRIPTION
784: "The number of incoming IPv4 bytes blocked."
785: ::= { pfIfEntry 9 }
786:
787: pfIfOut4PassPkts OBJECT-TYPE
788: SYNTAX Counter64
789: MAX-ACCESS read-only
790: STATUS current
791: DESCRIPTION
792: "The number of IPv4 bytes passed out."
793: ::= { pfIfEntry 10 }
794:
795: pfIfOut4PassBytes OBJECT-TYPE
796: SYNTAX Counter64
797: MAX-ACCESS read-only
798: STATUS current
799: DESCRIPTION
800: "The number of IPv4 bytes passed out."
801: ::= { pfIfEntry 11 }
802:
803: pfIfOut4BlockPkts OBJECT-TYPE
804: SYNTAX Counter64
805: MAX-ACCESS read-only
806: STATUS current
807: DESCRIPTION
808: "The number of outgoing IPv4 bytes blocked."
809: ::= { pfIfEntry 12 }
810:
811: pfIfOut4BlockBytes OBJECT-TYPE
812: SYNTAX Counter64
813: MAX-ACCESS read-only
814: STATUS current
815: DESCRIPTION
816: "The number of outgoing IPv4 bytes blocked."
817: ::= { pfIfEntry 13 }
818:
819: pfIfIn6PassPkts OBJECT-TYPE
820: SYNTAX Counter64
821: MAX-ACCESS read-only
822: STATUS current
823: DESCRIPTION
824: "The number of IPv6 packets passed in."
825: ::= { pfIfEntry 14 }
826:
827: pfIfIn6PassBytes OBJECT-TYPE
828: SYNTAX Counter64
829: MAX-ACCESS read-only
830: STATUS current
831: DESCRIPTION
832: "The number of IPv6 bytes passed in."
833: ::= { pfIfEntry 15 }
834:
835: pfIfIn6BlockPkts OBJECT-TYPE
836: SYNTAX Counter64
837: MAX-ACCESS read-only
838: STATUS current
839: DESCRIPTION
840: "The number of incoming IPv6 packets blocked."
841: ::= { pfIfEntry 16 }
842:
843: pfIfIn6BlockBytes OBJECT-TYPE
844: SYNTAX Counter64
845: MAX-ACCESS read-only
846: STATUS current
847: DESCRIPTION
848: "The number of incoming IPv6 bytes blocked."
849: ::= { pfIfEntry 17 }
850:
851: pfIfOut6PassPkts OBJECT-TYPE
852: SYNTAX Counter64
853: MAX-ACCESS read-only
854: STATUS current
855: DESCRIPTION
856: "The number of IPv6 bytes passed out."
857: ::= { pfIfEntry 18 }
858:
859: pfIfOut6PassBytes OBJECT-TYPE
860: SYNTAX Counter64
861: MAX-ACCESS read-only
862: STATUS current
863: DESCRIPTION
864: "The number of IPv6 bytes passed out."
865: ::= { pfIfEntry 19 }
866:
867: pfIfOut6BlockPkts OBJECT-TYPE
868: SYNTAX Counter64
869: MAX-ACCESS read-only
870: STATUS current
871: DESCRIPTION
872: "The number of outgoing IPv6 bytes blocked."
873: ::= { pfIfEntry 20 }
874:
875: pfIfOut6BlockBytes OBJECT-TYPE
876: SYNTAX Counter64
877: MAX-ACCESS read-only
878: STATUS current
879: DESCRIPTION
880: "The number of outgoing IPv6 bytes blocked."
881: ::= { pfIfEntry 21 }
882:
883:
884: -- pfTables
885:
886: pfTblNumber OBJECT-TYPE
887: SYNTAX Integer32
888: MAX-ACCESS read-only
889: STATUS current
890: DESCRIPTION
891: "The number of tables present on this system."
892: ::= { pfTables 1 }
893:
894: pfTblTable OBJECT-TYPE
895: SYNTAX SEQUENCE OF TblEntry
896: MAX-ACCESS not-accessible
897: STATUS current
898: DESCRIPTION
899: "A list of individual tables. The number of entries is
900: given by the value of tblNumber."
901: ::= { pfTables 128 }
902:
903: pfTblEntry OBJECT-TYPE
904: SYNTAX TblEntry
905: MAX-ACCESS not-accessible
906: STATUS current
907: DESCRIPTION
908: "An entry containing management information applicable to a
909: particular table."
910: INDEX { pfTblIndex }
911: ::= { pfTblTable 1 }
912:
913: TblEntry ::=
914: SEQUENCE {
915: pfTblIndex Integer32,
1.4 joel 916: pfTblName OCTET STRING,
1.1 joel 917: pfTblAddresses Integer32,
918: pfTblAnchorRefs Integer32,
919: pfTblRuleRefs Integer32,
920: pfTblEvalsMatch Counter64,
1.4 joel 921: pfTblEvalsNoMatch Counter64,
1.1 joel 922: pfTblInPassPkts Counter64,
1.4 joel 923: pfTblInPassBytes Counter64,
924: pfTblInBlockPkts Counter64,
925: pfTblInBlockBytes Counter64,
926: pfTblInXPassPkts Counter64,
927: pfTblInXPassBytes Counter64,
928: pfTblOutPassPkts Counter64,
929: pfTblOutPassBytes Counter64,
930: pfTblOutBlockPkts Counter64,
1.1 joel 931: pfTblOutBlockBytes Counter64,
1.4 joel 932: pfTblOutXPassPkts Counter64,
1.1 joel 933: pfTblOutXPassBytes Counter64,
1.4 joel 934: pfTblStatsCleared TimeTicks,
935: pfTblInMatchPkts Counter64,
936: pfTblInMatchBytes Counter64,
937: pfTblOutMatchPkts Counter64,
938: pfTblOutMatchBytes Counter64
1.1 joel 939: }
940:
941: pfTblIndex OBJECT-TYPE
942: SYNTAX Integer32 (1..2147483647)
943: MAX-ACCESS read-only
944: STATUS current
945: DESCRIPTION
946: "A unique value, greater than zero, for each table."
947: ::= { pfTblEntry 1 }
948:
949: pfTblName OBJECT-TYPE
950: SYNTAX OCTET STRING
951: MAX-ACCESS read-only
952: STATUS current
953: DESCRIPTION
954: "The name of the table."
955: ::= { pfTblEntry 2 }
956:
957: pfTblAddresses OBJECT-TYPE
958: SYNTAX Integer32
959: MAX-ACCESS read-only
960: STATUS current
961: DESCRIPTION
962: "The number of addresses currently stored in the table."
963: ::= { pfTblEntry 3 }
964:
965: pfTblAnchorRefs OBJECT-TYPE
966: SYNTAX Integer32
967: MAX-ACCESS read-only
968: STATUS current
969: DESCRIPTION
970: "The number of anchors which reference the table."
971: ::= { pfTblEntry 4 }
972:
973: pfTblRuleRefs OBJECT-TYPE
974: SYNTAX Integer32
975: MAX-ACCESS read-only
976: STATUS current
977: DESCRIPTION
978: "The number of rules which reference the table."
979: ::= { pfTblEntry 5 }
980:
981: pfTblEvalsMatch OBJECT-TYPE
982: SYNTAX Counter64
983: MAX-ACCESS read-only
984: STATUS current
985: DESCRIPTION
986: "The number of table evaluations that produced a match."
987: ::= { pfTblEntry 6 }
988:
989: pfTblEvalsNoMatch OBJECT-TYPE
990: SYNTAX Counter64
991: MAX-ACCESS read-only
992: STATUS current
993: DESCRIPTION
994: "The number of table evaluations that didn't match."
995: ::= { pfTblEntry 7 }
996:
997: pfTblInPassPkts OBJECT-TYPE
998: SYNTAX Counter64
999: MAX-ACCESS read-only
1000: STATUS current
1001: DESCRIPTION
1002: "The number of packets passed in that matched the table."
1003: ::= { pfTblEntry 8 }
1004:
1005: pfTblInPassBytes OBJECT-TYPE
1006: SYNTAX Counter64
1007: MAX-ACCESS read-only
1008: STATUS current
1009: DESCRIPTION
1010: "The number of bytes passed in that matched the table."
1011: ::= { pfTblEntry 9 }
1012:
1013: pfTblInBlockPkts OBJECT-TYPE
1014: SYNTAX Counter64
1015: MAX-ACCESS read-only
1016: STATUS current
1017: DESCRIPTION
1018: "The number of incoming packets blocked that matched the table."
1019: ::= { pfTblEntry 10 }
1020:
1021: pfTblInBlockBytes OBJECT-TYPE
1022: SYNTAX Counter64
1023: MAX-ACCESS read-only
1024: STATUS current
1025: DESCRIPTION
1026: "The number incoming bytes blocked that matched the table."
1027: ::= { pfTblEntry 11 }
1028:
1029: pfTblInXPassPkts OBJECT-TYPE
1030: SYNTAX Counter64
1031: MAX-ACCESS read-only
1032: STATUS current
1033: DESCRIPTION
1034: "The number of packets statefully passed in where the state
1035: entry refers to the table, but the table no longer contains
1036: the address in question."
1037: ::= { pfTblEntry 12 }
1038:
1039: pfTblInXPassBytes OBJECT-TYPE
1040: SYNTAX Counter64
1041: MAX-ACCESS read-only
1042: STATUS current
1043: DESCRIPTION
1044: "The number of bytes statefully passed in where the state
1045: entry refers to the table, but the table no longer contains
1046: the address in question."
1047: ::= { pfTblEntry 13 }
1048:
1049: pfTblOutPassPkts OBJECT-TYPE
1050: SYNTAX Counter64
1051: MAX-ACCESS read-only
1052: STATUS current
1053: DESCRIPTION
1054: "The number of packets passed out that matched the table."
1055: ::= { pfTblEntry 14 }
1056:
1057: pfTblOutPassBytes OBJECT-TYPE
1058: SYNTAX Counter64
1059: MAX-ACCESS read-only
1060: STATUS current
1061: DESCRIPTION
1062: "The number of bytes passed out that matched the table."
1063: ::= { pfTblEntry 15 }
1064:
1065: pfTblOutBlockPkts OBJECT-TYPE
1066: SYNTAX Counter64
1067: MAX-ACCESS read-only
1068: STATUS current
1069: DESCRIPTION
1070: "The number of outgoing packets blocked that matched the table."
1071: ::= { pfTblEntry 16 }
1072:
1073: pfTblOutBlockBytes OBJECT-TYPE
1074: SYNTAX Counter64
1075: MAX-ACCESS read-only
1076: STATUS current
1077: DESCRIPTION
1078: "The number outgoing bytes blocked that matched the table."
1079: ::= { pfTblEntry 17 }
1080:
1081: pfTblOutXPassPkts OBJECT-TYPE
1082: SYNTAX Counter64
1083: MAX-ACCESS read-only
1084: STATUS current
1085: DESCRIPTION
1086: "The number of packets statefully passed out where the state
1087: entry refers to the table, but the table no longer contains
1088: the address in question."
1089: ::= { pfTblEntry 18 }
1090:
1091: pfTblOutXPassBytes OBJECT-TYPE
1092: SYNTAX Counter64
1093: MAX-ACCESS read-only
1094: STATUS current
1095: DESCRIPTION
1096: "The number of bytes statefully passed out where the state
1097: entry refers to the table, but the table no longer contains
1098: the address in question."
1099: ::= { pfTblEntry 19 }
1100:
1101: pfTblStatsCleared OBJECT-TYPE
1102: SYNTAX TimeTicks
1103: UNITS "1/100th of a Second"
1104: MAX-ACCESS read-only
1105: STATUS current
1106: DESCRIPTION
1107: "The number of seconds that have passed since the statistics
1108: for this pf table were zeroed."
1109: ::= { pfTblEntry 20 }
1110:
1.3 joel 1111: pfTblInMatchPkts OBJECT-TYPE
1112: SYNTAX Counter64
1113: MAX-ACCESS read-only
1114: STATUS current
1115: DESCRIPTION
1116: "The number of inbound packets that hit a 'match' rule where this
1117: particular table was referenced by the rule."
1118: ::= { pfTblEntry 21 }
1119:
1120: pfTblInMatchBytes OBJECT-TYPE
1121: SYNTAX Counter64
1122: MAX-ACCESS read-only
1123: STATUS current
1124: DESCRIPTION
1125: "The total size in bytes of all inbound packets that hit a
1126: 'match' rule where this particular table was referenced by
1127: the rule."
1128: ::= { pfTblEntry 22 }
1129:
1130: pfTblOutMatchPkts OBJECT-TYPE
1131: SYNTAX Counter64
1132: MAX-ACCESS read-only
1133: STATUS current
1134: DESCRIPTION
1135: "The number of outbound packets that hit a 'match' rule where this
1136: particular table was referenced by the rule."
1137: ::= { pfTblEntry 23 }
1138:
1139: pfTblOutMatchBytes OBJECT-TYPE
1140: SYNTAX Counter64
1141: MAX-ACCESS read-only
1142: STATUS current
1143: DESCRIPTION
1144: "The total size in bytes of all outbound packets that hit a
1145: 'match' rule where this particular table was referenced by
1146: the rule."
1147: ::= { pfTblEntry 24 }
1148:
1.1 joel 1149: pfTblAddrTable OBJECT-TYPE
1150: SYNTAX SEQUENCE OF TblAddrEntry
1151: MAX-ACCESS not-accessible
1152: STATUS current
1153: DESCRIPTION
1154: "A table containing the addresses/CIDR network blocks from
1155: every table on the system."
1156: ::= { pfTables 129 }
1157:
1158: pfTblAddrEntry OBJECT-TYPE
1159: SYNTAX TblAddrEntry
1160: MAX-ACCESS not-accessible
1161: STATUS current
1162: DESCRIPTION
1163: "An entry containing management information applicable to a
1164: particular table."
1165: INDEX { pfTblAddrTblIndex, pfTblAddrNet, pfTblAddrMask }
1166: ::= { pfTblAddrTable 1 }
1167:
1168: TblAddrEntry ::=
1169: SEQUENCE {
1.4 joel 1170: pfTblAddrTblIndex Integer32,
1.1 joel 1171: pfTblAddrNet IpAddress,
1172: pfTblAddrMask Integer32,
1.4 joel 1173: pfTblAddrCleared TimeTicks,
1.1 joel 1174: pfTblAddrInBlockPkts Counter64,
1175: pfTblAddrInBlockBytes Counter64,
1176: pfTblAddrInPassPkts Counter64,
1177: pfTblAddrInPassBytes Counter64,
1178: pfTblAddrOutBlockPkts Counter64,
1179: pfTblAddrOutBlockBytes Counter64,
1180: pfTblAddrOutPassPkts Counter64,
1.3 joel 1181: pfTblAddrOutPassBytes Counter64,
1182: pfTblAddrInMatchPkts Counter64,
1183: pfTblAddrInMatchBytes Counter64,
1184: pfTblAddrOutMatchPkts Counter64,
1185: pfTblAddrOutMatchBytes Counter64
1.1 joel 1186: }
1187:
1188: pfTblAddrTblIndex OBJECT-TYPE
1189: SYNTAX Integer32 (1..2147483647)
1190: MAX-ACCESS read-only
1191: STATUS current
1192: DESCRIPTION
1193: "The index value which uniquely identifies the table which
1194: contains this pfTblAddrNet/pfTblAddrMask pair."
1195: ::= { pfTblAddrEntry 1 }
1196:
1197: pfTblAddrNet OBJECT-TYPE
1198: SYNTAX IpAddress
1199: MAX-ACCESS read-only
1200: STATUS current
1201: DESCRIPTION
1202: "The IP address portion of the CIDR network for this
1203: particular table entry."
1204: ::= { pfTblAddrEntry 2 }
1205:
1206: pfTblAddrMask OBJECT-TYPE
1207: SYNTAX Integer32 (0..32)
1208: MAX-ACCESS read-only
1209: STATUS current
1210: DESCRIPTION
1211: "The CIDR bitmask for this particular table entry."
1212: ::= { pfTblAddrEntry 3 }
1213:
1214: pfTblAddrCleared OBJECT-TYPE
1215: SYNTAX TimeTicks
1216: UNITS "1/100th of a Second"
1217: MAX-ACCESS read-only
1218: STATUS current
1219: DESCRIPTION
1220: "The time that's passed since the statistics where last cleared, or
1221: since the pfTblAddrNet/pfTblAddrMask pair was loaded into the table,
1222: whichever is sooner."
1223: ::= { pfTblAddrEntry 4 }
1224:
1225: pfTblAddrInBlockPkts OBJECT-TYPE
1226: SYNTAX Counter64
1227: MAX-ACCESS read-only
1228: STATUS current
1229: DESCRIPTION
1230: "The number of inbound packets blocked as a result of matching
1231: this table entry."
1232: ::= { pfTblAddrEntry 5 }
1233:
1234: pfTblAddrInBlockBytes OBJECT-TYPE
1235: SYNTAX Counter64
1236: MAX-ACCESS read-only
1237: STATUS current
1238: DESCRIPTION
1239: "The number of inbound bytes blocked as a result of matching
1240: this table entry."
1241: ::= { pfTblAddrEntry 6 }
1242:
1243: pfTblAddrInPassPkts OBJECT-TYPE
1244: SYNTAX Counter64
1245: MAX-ACCESS read-only
1246: STATUS current
1247: DESCRIPTION
1248: "The number of inbound packets passed as a result of matching
1249: this table entry."
1250: ::= { pfTblAddrEntry 7 }
1251:
1252: pfTblAddrInPassBytes OBJECT-TYPE
1253: SYNTAX Counter64
1254: MAX-ACCESS read-only
1255: STATUS current
1256: DESCRIPTION
1257: "The number of inbound bytes passed as a result of matching
1258: this table entry."
1259: ::= { pfTblAddrEntry 8 }
1260:
1261: pfTblAddrOutBlockPkts OBJECT-TYPE
1262: SYNTAX Counter64
1263: MAX-ACCESS read-only
1264: STATUS current
1265: DESCRIPTION
1266: "The number of outbound packets blocked as a result of matching
1267: this table entry."
1268: ::= { pfTblAddrEntry 9 }
1269:
1270: pfTblAddrOutBlockBytes OBJECT-TYPE
1271: SYNTAX Counter64
1272: MAX-ACCESS read-only
1273: STATUS current
1274: DESCRIPTION
1275: "The number of outbound bytes blocked as a result of matching
1276: this table entry."
1277: ::= { pfTblAddrEntry 10 }
1278:
1279: pfTblAddrOutPassPkts OBJECT-TYPE
1280: SYNTAX Counter64
1281: MAX-ACCESS read-only
1282: STATUS current
1283: DESCRIPTION
1284: "The number of outbound packets passed as a result of matchin
1285: this table entry."
1286: ::= { pfTblAddrEntry 11 }
1287:
1288: pfTblAddrOutPassBytes OBJECT-TYPE
1289: SYNTAX Counter64
1290: MAX-ACCESS read-only
1291: STATUS current
1292: DESCRIPTION
1293: "The number of outbound bytes passed as a result of matchg
1294: this table entry."
1295: ::= { pfTblAddrEntry 12 }
1.3 joel 1296:
1297: pfTblAddrInMatchPkts OBJECT-TYPE
1298: SYNTAX Counter64
1299: MAX-ACCESS read-only
1300: STATUS current
1301: DESCRIPTION
1302: "The number of inbound packets that hit a 'match' rule where
1303: this table entry was referenced."
1304: ::= { pfTblAddrEntry 13 }
1305:
1306: pfTblAddrInMatchBytes OBJECT-TYPE
1307: SYNTAX Counter64
1308: MAX-ACCESS read-only
1309: STATUS current
1310: DESCRIPTION
1311: "The total size in bytes of all inbound packets that hit
1312: a 'match' rule where this table entry was referenced."
1313: ::= { pfTblAddrEntry 14 }
1314:
1315: pfTblAddrOutMatchPkts OBJECT-TYPE
1316: SYNTAX Counter64
1317: MAX-ACCESS read-only
1318: STATUS current
1319: DESCRIPTION
1320: "The number of outbound packets that hit a 'match' rule where
1321: this table entry was referenced."
1322: ::= { pfTblAddrEntry 15 }
1323:
1324: pfTblAddrOutMatchBytes OBJECT-TYPE
1325: SYNTAX Counter64
1326: MAX-ACCESS read-only
1327: STATUS current
1328: DESCRIPTION
1329: "The total size in bytes of all outbound packets that hit
1330: a 'match' rule where this table entry was referenced."
1331: ::= { pfTblAddrEntry 16 }
1.1 joel 1332:
1333:
1334: -- pfLabels
1335:
1336: pfLabelNumber OBJECT-TYPE
1337: SYNTAX Integer32
1338: MAX-ACCESS read-only
1339: STATUS current
1340: DESCRIPTION
1341: "The number of labels in the active pf ruleset."
1342: ::= { pfLabels 1 }
1343:
1344: pfLabelTable OBJECT-TYPE
1345: SYNTAX SEQUENCE OF PfLabelEntry
1346: MAX-ACCESS not-accessible
1347: STATUS current
1348: DESCRIPTION
1349: "A list of individual labels. The number of entries is
1350: given by the value of pfLabelNumber."
1351: ::= { pfLabels 128 }
1352:
1353: pfLabelEntry OBJECT-TYPE
1354: SYNTAX PfLabelEntry
1355: MAX-ACCESS not-accessible
1356: STATUS current
1357: DESCRIPTION
1358: "An entry containing management information applicable to a
1359: particular label."
1360: INDEX { pfLabelIndex }
1361: ::= { pfLabelTable 1 }
1362:
1363: PfLabelEntry ::=
1364: SEQUENCE {
1365: pfLabelIndex Integer32,
1366: pfLabelName OCTET STRING,
1367: pfLabelEvals Counter64,
1368: pfLabelPkts Counter64,
1369: pfLabelBytes Counter64,
1370: pfLabelInPkts Counter64,
1371: pfLabelInBytes Counter64,
1372: pfLabelOutPkts Counter64,
1373: pfLabelOutBytes Counter64,
1374: pfLabelTotalStates Counter32
1375: }
1376:
1377: pfLabelIndex OBJECT-TYPE
1378: SYNTAX Integer32 (1..2147483647)
1379: MAX-ACCESS read-only
1380: STATUS current
1381: DESCRIPTION
1382: "A unique value, greater than zero, for each label."
1383: ::= { pfLabelEntry 1 }
1384:
1385: pfLabelName OBJECT-TYPE
1386: SYNTAX OCTET STRING
1387: MAX-ACCESS read-only
1388: STATUS current
1389: DESCRIPTION
1390: "The name of the label."
1391: ::= { pfLabelEntry 2 }
1392:
1393: pfLabelEvals OBJECT-TYPE
1394: SYNTAX Counter64
1395: MAX-ACCESS read-only
1396: STATUS current
1397: DESCRIPTION
1398: "The number of rule evaluations."
1399: ::= { pfLabelEntry 3 }
1400:
1401: pfLabelPkts OBJECT-TYPE
1402: SYNTAX Counter64
1403: MAX-ACCESS read-only
1404: STATUS current
1405: DESCRIPTION
1406: "The total number of packets matched by the rule."
1407: ::= { pfLabelEntry 4 }
1408:
1409: pfLabelBytes OBJECT-TYPE
1410: SYNTAX Counter64
1411: MAX-ACCESS read-only
1412: STATUS current
1413: DESCRIPTION
1414: "The total number of bytes matched by the rule."
1415: ::= { pfLabelEntry 5 }
1416:
1417: pfLabelInPkts OBJECT-TYPE
1418: SYNTAX Counter64
1419: MAX-ACCESS read-only
1420: STATUS current
1421: DESCRIPTION
1422: "The number of incoming packets matched by the rule."
1423: ::= { pfLabelEntry 6 }
1424:
1425: pfLabelInBytes OBJECT-TYPE
1426: SYNTAX Counter64
1427: MAX-ACCESS read-only
1428: STATUS current
1429: DESCRIPTION
1430: "The number of incoming bytes matched by the rule."
1431: ::= { pfLabelEntry 7 }
1432:
1433: pfLabelOutPkts OBJECT-TYPE
1434: SYNTAX Counter64
1435: MAX-ACCESS read-only
1436: STATUS current
1437: DESCRIPTION
1438: "The number of outgoing packets matched by the rule."
1439: ::= { pfLabelEntry 8 }
1440:
1441: pfLabelOutBytes OBJECT-TYPE
1442: SYNTAX Counter64
1443: MAX-ACCESS read-only
1444: STATUS current
1445: DESCRIPTION
1446: "The number of outgoing bytes matched by the rule."
1447: ::= { pfLabelEntry 9 }
1448:
1449: pfLabelTotalStates OBJECT-TYPE
1450: SYNTAX Counter32
1451: MAX-ACCESS read-only
1452: STATUS current
1453: DESCRIPTION
1454: "The total number of state table entries created by this rule
1455: since the ruleset was loaded."
1456: ::= { pfLabelEntry 10 }
1457:
1458:
1459: -- pfsyncStats
1460:
1461: pfsyncIpPktsRecv OBJECT-TYPE
1462: SYNTAX Counter64
1463: MAX-ACCESS read-only
1464: STATUS current
1465: DESCRIPTION
1466: "Number of IPv4 pfsync packets received on all interfaces."
1467: ::= { pfsyncStats 1 }
1468:
1469: pfsyncIp6PktsRecv OBJECT-TYPE
1470: SYNTAX Counter64
1471: MAX-ACCESS read-only
1472: STATUS current
1473: DESCRIPTION
1474: "Number of IPv6 pfsync packets received on all interfaces."
1475: ::= { pfsyncStats 2 }
1476:
1477: pfsyncPktDiscardsForBadInterface OBJECT-TYPE
1478: SYNTAX Counter64
1479: MAX-ACCESS read-only
1480: STATUS current
1481: DESCRIPTION
1482: "Number of pfsync packets discarded because it was received
1483: on an interface that is not running pfsync."
1484: ::= { pfsyncStats 3 }
1485:
1486: pfsyncPktDiscardsForBadTtl OBJECT-TYPE
1487: SYNTAX Counter64
1488: MAX-ACCESS read-only
1489: STATUS current
1490: DESCRIPTION
1491: "Number of pfsync packets discarded due to having a TTL less
1492: than 255."
1493: ::= { pfsyncStats 4 }
1494:
1495: pfsyncPktShorterThanHeader OBJECT-TYPE
1496: SYNTAX Counter64
1497: MAX-ACCESS read-only
1498: STATUS current
1499: DESCRIPTION
1500: "Number of pfsync packets received that had a length shorter
1501: than the pfsync packet header."
1502: ::= { pfsyncStats 5 }
1503:
1504: pfsyncPktDiscardsForBadVersion OBJECT-TYPE
1505: SYNTAX Counter64
1506: MAX-ACCESS read-only
1507: STATUS current
1508: DESCRIPTION
1509: "Number of pfsync packets discarded due to incorrect protocol
1510: version."
1511: ::= { pfsyncStats 6 }
1512:
1513: pfsyncPktDiscardsForBadAction OBJECT-TYPE
1514: SYNTAX Counter64
1515: MAX-ACCESS read-only
1516: STATUS current
1517: DESCRIPTION
1518: "Number of pfsync packets discarded due to an invalid pfsync
1519: action in the header."
1520: ::= { pfsyncStats 7 }
1521:
1522: pfsyncPktDiscardsForBadLength OBJECT-TYPE
1523: SYNTAX Counter64
1524: MAX-ACCESS read-only
1525: STATUS current
1526: DESCRIPTION
1527: "Number of pfsync packets discarded due to incorrect size."
1528: ::= { pfsyncStats 8 }
1529:
1530: pfsyncPktDiscardsForBadAuth OBJECT-TYPE
1531: SYNTAX Counter64
1532: MAX-ACCESS read-only
1533: STATUS current
1534: DESCRIPTION
1535: "Number of pfsync packets discarded due to authentication failure."
1536: ::= { pfsyncStats 9 }
1537:
1538: pfsyncPktDiscardsForStaleState OBJECT-TYPE
1539: SYNTAX Counter64
1540: MAX-ACCESS read-only
1541: STATUS current
1542: DESCRIPTION
1543: "Number of pfsync packets discarded because they tried to update
1544: a stale state entry."
1545: ::= { pfsyncStats 10 }
1546:
1547: pfsyncPktDiscardsForBadValues OBJECT-TYPE
1548: SYNTAX Counter64
1549: MAX-ACCESS read-only
1550: STATUS current
1551: DESCRIPTION
1552: "Number of pfsync packets discarded due to containing bad values."
1553: ::= { pfsyncStats 11 }
1554:
1555: pfsyncPktDiscardsForBadState OBJECT-TYPE
1556: SYNTAX Counter64
1557: MAX-ACCESS read-only
1558: STATUS current
1559: DESCRIPTION
1560: "Number of pfsync packets discarded due to state insert/lookup
1561: failure."
1562: ::= { pfsyncStats 12 }
1563:
1564: pfsyncIpPktsSent OBJECT-TYPE
1565: SYNTAX Counter64
1566: MAX-ACCESS read-only
1567: STATUS current
1568: DESCRIPTION
1569: "Number of IPv4 pfsync packets sent on all interfaces."
1570: ::= { pfsyncStats 13 }
1571:
1572: pfsyncIp6PktsSent OBJECT-TYPE
1573: SYNTAX Counter64
1574: MAX-ACCESS read-only
1575: STATUS current
1576: DESCRIPTION
1577: "Number of IPv6 pfsync packets sent on all interfaces."
1578: ::= { pfsyncStats 14 }
1579:
1580: pfsyncNoMemory OBJECT-TYPE
1581: SYNTAX Counter64
1582: MAX-ACCESS read-only
1583: STATUS current
1584: DESCRIPTION
1585: "Number of pfsync packets which could not be sent due to
1586: insufficient memory."
1587: ::= { pfsyncStats 15 }
1588:
1589: pfsyncOutputErrors OBJECT-TYPE
1590: SYNTAX Counter64
1591: MAX-ACCESS read-only
1592: STATUS current
1593: DESCRIPTION
1594: "Number of pfsync packets which could not be sent."
1595: ::= { pfsyncStats 16 }
1596:
1597: END
1598:
![[BACK]](/icons/back.gif){kind=icon}
Return to OPENBSD-PF-MIB.txt CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / src / share / snmp