Annotation of src/share/snmp/OPENBSD-PF-MIB.txt, Revision 1.7
1.7 ! sthen 1: -- $OpenBSD: OPENBSD-PF-MIB.txt,v 1.6 2018/06/19 10:08:45 mpi Exp $
1.1 joel 2: --
1.3 joel 3: -- Copyright (c) 2004-2013 Joel Knight <knight.joel@gmail.com>
1.1 joel 4: --
5: -- Permission to use, copy, modify, and distribute this document for any
6: -- purpose with or without fee is hereby granted, provided that the above
7: -- copyright notice and this permission notice appear in all copies.
8: --
9: -- THE DOCUMENT IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10: -- WITH REGARD TO THIS DOCUMENT INCLUDING ALL IMPLIED WARRANTIES OF
11: -- MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12: -- ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13: -- WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14: -- ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15: -- OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS DOCUMENT.
16:
17:
18: OPENBSD-PF-MIB DEFINITIONS ::= BEGIN
19:
20: IMPORTS
21: MODULE-IDENTITY, NOTIFICATION-TYPE, OBJECT-TYPE,
22: Counter32, Counter64, Unsigned32, Integer32, IpAddress,
23: TimeTicks, enterprises
24: FROM SNMPv2-SMI
25:
1.7 ! sthen 26: TruthValue, DisplayString
1.1 joel 27: FROM SNMPv2-TC
1.7 ! sthen 28:
! 29: SnmpAdminString
! 30: FROM SNMP-FRAMEWORK-MIB
! 31:
1.1 joel 32: openBSD
33: FROM OPENBSD-BASE-MIB
34:
35: MODULE-COMPLIANCE, OBJECT-GROUP
36: FROM SNMPv2-CONF;
37:
38: pfMIBObjects MODULE-IDENTITY
1.7 ! sthen 39: LAST-UPDATED "202103231933Z"
1.1 joel 40: ORGANIZATION "OpenBSD"
41: CONTACT-INFO "
42: Author: Joel Knight
43: email: knight.joel@gmail.com
44: www: http://www.packetmischief.ca/openbsd-snmp-mibs/
45: "
46: DESCRIPTION "The MIB module for gathering information from
47: OpenBSD's packet filter.
48: "
1.7 ! sthen 49: REVISION "202103231933Z"
! 50: DESCRIPTION "Use DisplayString/SnmpAdminString not OCTET STRING where appropriate"
1.5 mikeb 51: REVISION "201506091728Z"
52: DESCRIPTION "Add separate counter for failed 'route-to' applications"
1.3 joel 53: REVISION "201308310446Z"
54: DESCRIPTION "Add pf(4) table byte/packet counters for 'match' rules"
1.2 sthen 55: REVISION "201302242033Z"
56: DESCRIPTION "Add separate counter for failed translations"
1.1 joel 57: REVISION "201201260000Z"
58: DESCRIPTION "Add OPENBSD-PF-MIB to OpenBSD's snmpd"
59: ::= { openBSD 1 }
60:
61:
62: -- define the sections of the MIB
63:
64: pfInfo OBJECT IDENTIFIER ::= { pfMIBObjects 1 }
65: pfCounters OBJECT IDENTIFIER ::= { pfMIBObjects 2 }
66: pfStateTable OBJECT IDENTIFIER ::= { pfMIBObjects 3 }
67: pfLogInterface OBJECT IDENTIFIER ::= { pfMIBObjects 4 }
68: pfSrcTracking OBJECT IDENTIFIER ::= { pfMIBObjects 5 }
69: pfLimits OBJECT IDENTIFIER ::= { pfMIBObjects 6 }
70: pfTimeouts OBJECT IDENTIFIER ::= { pfMIBObjects 7 }
71: pfInterfaces OBJECT IDENTIFIER ::= { pfMIBObjects 8 }
72: pfTables OBJECT IDENTIFIER ::= { pfMIBObjects 9 }
73: pfLabels OBJECT IDENTIFIER ::= { pfMIBObjects 10 }
74: pfsyncStats OBJECT IDENTIFIER ::= { pfMIBObjects 11 }
75:
76:
77: -- pfInfo
78:
79: pfRunning OBJECT-TYPE
80: SYNTAX TruthValue
81: MAX-ACCESS read-only
82: STATUS current
83: DESCRIPTION
84: "Indicates whether pf is enabled or not."
85: ::= { pfInfo 1 }
86:
87: pfRuntime OBJECT-TYPE
88: SYNTAX TimeTicks
89: UNITS "1/100th of a Second"
90: MAX-ACCESS read-only
91: STATUS current
92: DESCRIPTION
93: "Indicates how long pf has been enabled. If pf is not
94: enabled, indicates how long pf has been disabled. If pf has not
95: been explicitly enabled or disabled since the system was booted,
96: the value will be 0."
97: ::= { pfInfo 2 }
98:
99: pfDebug OBJECT-TYPE
100: SYNTAX INTEGER {
101: emerg(0),
102: alert(1),
103: crit(2),
104: err(3),
105: warning(4),
106: notice(5),
107: info(6),
108: debug(7)
109: }
110: MAX-ACCESS read-only
111: STATUS current
112: DESCRIPTION
113: "Indicates the debug level that pf is running at."
114: ::= { pfInfo 3 }
115:
116: pfHostid OBJECT-TYPE
117: SYNTAX OCTET STRING
118: MAX-ACCESS read-only
119: STATUS current
120: DESCRIPTION
121: "The (unique) host id of the machine running pf."
122: ::= { pfInfo 4 }
123:
124:
125: -- pfCounters
126:
127: pfCntMatch OBJECT-TYPE
128: SYNTAX Counter64
129: MAX-ACCESS read-only
130: STATUS current
131: DESCRIPTION
132: "The number of packets that have matched a filter rule."
133: ::= { pfCounters 1 }
134:
135: pfCntBadOffset OBJECT-TYPE
136: SYNTAX Counter64
137: MAX-ACCESS read-only
138: STATUS current
139: DESCRIPTION
140: "The number of packets that have had a bad offset value."
141: ::= { pfCounters 2 }
142:
143: pfCntFragment OBJECT-TYPE
144: SYNTAX Counter64
145: MAX-ACCESS read-only
146: STATUS current
147: DESCRIPTION
148: "The number of packet fragments."
149: ::= { pfCounters 3 }
150:
151: pfCntShort OBJECT-TYPE
152: SYNTAX Counter64
153: MAX-ACCESS read-only
154: STATUS current
155: DESCRIPTION
156: "The number of packets that were too short to contain a valid header."
157: ::= { pfCounters 4 }
158:
159: pfCntNormalize OBJECT-TYPE
160: SYNTAX Counter64
161: MAX-ACCESS read-only
162: STATUS current
163: DESCRIPTION
164: "The number of packets that were normalized using the packet scrubber."
165: ::= { pfCounters 5 }
166:
167: pfCntMemory OBJECT-TYPE
168: SYNTAX Counter64
169: MAX-ACCESS read-only
170: STATUS current
171: DESCRIPTION
172: "The number of packets that were dropped due to memory limitations."
173: ::= { pfCounters 6 }
174:
175: pfCntTimestamp OBJECT-TYPE
176: SYNTAX Counter64
177: MAX-ACCESS read-only
178: STATUS current
179: DESCRIPTION
180: "The number of packets that were dropped due to improper RFC1323 timestamp."
181: ::= { pfCounters 7 }
182:
183: pfCntCongestion OBJECT-TYPE
184: SYNTAX Counter64
185: MAX-ACCESS read-only
186: STATUS current
187: DESCRIPTION
188: "The number of packets that were dropped due to congestion on the interface."
189: ::= { pfCounters 8 }
190:
191: pfCntIpOption OBJECT-TYPE
192: SYNTAX Counter64
193: MAX-ACCESS read-only
194: STATUS current
195: DESCRIPTION
196: "The number of packets that were dropped due to having options set in
197: the IP header."
198: ::= { pfCounters 9 }
199:
200: pfCntProtoCksum OBJECT-TYPE
201: SYNTAX Counter64
202: MAX-ACCESS read-only
203: STATUS current
204: DESCRIPTION
1.6 mpi 205: "The number of packets that were dropped due to TCP checksum failures."
1.1 joel 206: ::= { pfCounters 10 }
207:
208: pfCntStateMismatch OBJECT-TYPE
209: SYNTAX Counter64
210: MAX-ACCESS read-only
211: STATUS current
212: DESCRIPTION
213: "The number of packets that were dropped due to a state table mismatch."
214: ::= { pfCounters 11 }
215:
216: pfCntStateInsert OBJECT-TYPE
217: SYNTAX Counter64
218: MAX-ACCESS read-only
219: STATUS current
220: DESCRIPTION
221: "The number of packets that were dropped due to errors creating a
222: state table entry."
223: ::= { pfCounters 12 }
224:
225: pfCntStateLimit OBJECT-TYPE
226: SYNTAX Counter64
227: MAX-ACCESS read-only
228: STATUS current
229: DESCRIPTION
230: "The number of packets that were dropped due to the per-rule max
231: state limit being reached."
232: ::= { pfCounters 13 }
233:
234: pfCntSrcLimit OBJECT-TYPE
235: SYNTAX Counter64
236: MAX-ACCESS read-only
237: STATUS current
238: DESCRIPTION
239: "The number of packets that were dropped due to stateful connection
240: tracking. A packet could be dropped due to resource limits (memory)
241: or due to a tracking limit being reached."
242: ::= { pfCounters 14 }
243:
244: pfCntSynproxy OBJECT-TYPE
245: SYNTAX Counter64
246: MAX-ACCESS read-only
247: STATUS current
248: DESCRIPTION
249: "The number of packets that were dropped during the TCP synproxy process."
250: ::= { pfCounters 15 }
1.2 sthen 251:
252: pfCntTranslate OBJECT-TYPE
253: SYNTAX Counter64
254: MAX-ACCESS read-only
255: STATUS current
256: DESCRIPTION
257: "The number of packets that were dropped because network address
258: translation was requested and no unused port was available."
259: ::= { pfCounters 16 }
1.1 joel 260:
1.5 mikeb 261: pfCntNoRoute OBJECT-TYPE
262: SYNTAX Counter64
263: MAX-ACCESS read-only
264: STATUS current
265: DESCRIPTION
266: "The number of packets that were dropped because policy based routing
267: was requested but no target addresses were available."
268: ::= { pfCounters 17 }
1.1 joel 269:
270: -- pfStateTable
271:
272: pfStateCount OBJECT-TYPE
273: SYNTAX Unsigned32
274: MAX-ACCESS read-only
275: STATUS current
276: DESCRIPTION
277: "The number of entries in the state table."
278: ::= { pfStateTable 1 }
279:
280: pfStateSearches OBJECT-TYPE
281: SYNTAX Counter64
282: MAX-ACCESS read-only
283: STATUS current
284: DESCRIPTION
285: "The number of searches against the state table."
286: ::= { pfStateTable 2 }
287:
288: pfStateInserts OBJECT-TYPE
289: SYNTAX Counter64
290: MAX-ACCESS read-only
291: STATUS current
292: DESCRIPTION
293: "The number of inserts into the state table."
294: ::= { pfStateTable 3 }
295:
296: pfStateRemovals OBJECT-TYPE
297: SYNTAX Counter64
298: MAX-ACCESS read-only
299: STATUS current
300: DESCRIPTION
301: "The number of removals from the state table."
302: ::= { pfStateTable 4 }
303:
304:
305: -- pfLogInterface
306:
307: pfLogIfName OBJECT-TYPE
1.7 ! sthen 308: SYNTAX DisplayString
1.1 joel 309: MAX-ACCESS read-only
310: STATUS current
311: DESCRIPTION
312: "The name of the interface configured using 'set loginterface'.
313: If no interface has been configured, the object will be empty."
314: ::= { pfLogInterface 1 }
315:
316: pfLogIfIpBytesIn OBJECT-TYPE
317: SYNTAX Counter64
318: MAX-ACCESS read-only
319: STATUS current
320: DESCRIPTION
321: "The number of IPv4 bytes passed in on the loginterface."
322: ::= { pfLogInterface 2 }
323:
324: pfLogIfIpBytesOut OBJECT-TYPE
325: SYNTAX Counter64
326: MAX-ACCESS read-only
327: STATUS current
328: DESCRIPTION
329: "The number of IPv4 bytes passed out on the loginterface."
330: ::= { pfLogInterface 3 }
331:
332: pfLogIfIpPktsInPass OBJECT-TYPE
333: SYNTAX Counter64
334: MAX-ACCESS read-only
335: STATUS current
336: DESCRIPTION
337: "The number of IPv4 packets passed in on the loginterface."
338: ::= { pfLogInterface 4 }
339:
340: pfLogIfIpPktsInDrop OBJECT-TYPE
341: SYNTAX Counter64
342: MAX-ACCESS read-only
343: STATUS current
344: DESCRIPTION
345: "The number of dropped IPv4 packets coming in on the loginterface."
346: ::= { pfLogInterface 5 }
347:
348: pfLogIfIpPktsOutPass OBJECT-TYPE
349: SYNTAX Counter64
350: MAX-ACCESS read-only
351: STATUS current
352: DESCRIPTION
353: "The number of IPv4 packets passed out on the loginterface."
354: ::= { pfLogInterface 6 }
355:
356: pfLogIfIpPktsOutDrop OBJECT-TYPE
357: SYNTAX Counter64
358: MAX-ACCESS read-only
359: STATUS current
360: DESCRIPTION
361: "The number of dropped IPv4 packets going out on the loginterface."
362: ::= { pfLogInterface 7 }
363:
364: pfLogIfIp6BytesIn OBJECT-TYPE
365: SYNTAX Counter64
366: MAX-ACCESS read-only
367: STATUS current
368: DESCRIPTION
369: "The number of IPv6 bytes passed in on the loginterface."
370: ::= { pfLogInterface 8 }
371:
372: pfLogIfIp6BytesOut OBJECT-TYPE
373: SYNTAX Counter64
374: MAX-ACCESS read-only
375: STATUS current
376: DESCRIPTION
377: "The number of IPv6 bytes passed out on the loginterface."
378: ::= { pfLogInterface 9 }
379:
380: pfLogIfIp6PktsInPass OBJECT-TYPE
381: SYNTAX Counter64
382: MAX-ACCESS read-only
383: STATUS current
384: DESCRIPTION
385: "The number of IPv6 packets passed in on the loginterface."
386: ::= { pfLogInterface 10 }
387:
388: pfLogIfIp6PktsInDrop OBJECT-TYPE
389: SYNTAX Counter64
390: MAX-ACCESS read-only
391: STATUS current
392: DESCRIPTION
393: "The number of dropped IPv6 packets coming in on the loginterface."
394: ::= { pfLogInterface 11 }
395:
396: pfLogIfIp6PktsOutPass OBJECT-TYPE
397: SYNTAX Counter64
398: MAX-ACCESS read-only
399: STATUS current
400: DESCRIPTION
401: "The number of IPv6 packets passed out on the loginterface."
402: ::= { pfLogInterface 12 }
403:
404: pfLogIfIp6PktsOutDrop OBJECT-TYPE
405: SYNTAX Counter64
406: MAX-ACCESS read-only
407: STATUS current
408: DESCRIPTION
409: "The number of dropped IPv6 packets going out on the loginterface."
410: ::= { pfLogInterface 13 }
411:
412:
413: -- pfSrcTracking
414:
415: pfSrcTrackCount OBJECT-TYPE
416: SYNTAX Unsigned32
417: MAX-ACCESS read-only
418: STATUS current
419: DESCRIPTION
420: "The number of entries in the source tracking table."
421: ::= { pfSrcTracking 1 }
422:
423: pfSrcTrackSearches OBJECT-TYPE
424: SYNTAX Counter64
425: MAX-ACCESS read-only
426: STATUS current
427: DESCRIPTION
428: "The number of searches against the source tracking table."
429: ::= { pfSrcTracking 2 }
430:
431: pfSrcTrackInserts OBJECT-TYPE
432: SYNTAX Counter64
433: MAX-ACCESS read-only
434: STATUS current
435: DESCRIPTION
436: "The number of inserts into the source tracking table."
437: ::= { pfSrcTracking 3 }
438:
439: pfSrcTrackRemovals OBJECT-TYPE
440: SYNTAX Counter64
441: MAX-ACCESS read-only
442: STATUS current
443: DESCRIPTION
444: "The number of removals from the source tracking table."
445: ::= { pfSrcTracking 4 }
446:
447:
448: -- pfLimits
449:
450: pfLimitStates OBJECT-TYPE
451: SYNTAX Unsigned32
452: MAX-ACCESS read-only
453: STATUS current
454: DESCRIPTION
455: "The maximum number of entries in the memory pool used by state
456: table entries (filter rules that specify 'keep state')."
457: ::= { pfLimits 1 }
458:
459: pfLimitSourceNodes OBJECT-TYPE
460: SYNTAX Unsigned32
461: MAX-ACCESS read-only
462: STATUS current
463: DESCRIPTION
464: "The maximum number of entries in the memory pool used for tracking
465: source IP addresses (filter rules that specify 'sticky-address' or
466: 'source-track' options)."
467: ::= { pfLimits 2 }
468:
469: pfLimitFragments OBJECT-TYPE
470: SYNTAX Unsigned32
471: MAX-ACCESS read-only
472: STATUS current
473: DESCRIPTION
474: "The maximum number of entries in the memory pool used for packet
475: reassembly (scrub rules)."
476: ::= { pfLimits 3 }
477:
478: pfLimitMaxTables OBJECT-TYPE
479: SYNTAX Unsigned32
480: MAX-ACCESS read-only
481: STATUS current
482: DESCRIPTION
483: "The maximum number of tables that can be created as part of the
484: active ruleset."
485: ::= { pfLimits 4 }
486:
487: pfLimitMaxTableEntries OBJECT-TYPE
488: SYNTAX Unsigned32
489: MAX-ACCESS read-only
490: STATUS current
491: DESCRIPTION
492: "The overall maximum number of addresses that can be stored in
493: tables."
494: ::= { pfLimits 5 }
495:
496:
497: -- pfTimeouts
498:
499: pfTimeoutTcpFirst OBJECT-TYPE
500: SYNTAX Integer32
501: MAX-ACCESS read-only
502: STATUS current
503: DESCRIPTION
504: "State after receiving the first TCP packet in a new connection."
505: ::= { pfTimeouts 1 }
506:
507: pfTimeoutTcpOpening OBJECT-TYPE
508: SYNTAX Integer32
509: MAX-ACCESS read-only
510: STATUS current
511: DESCRIPTION
512: "State before the destination host ever sends a packet in response
513: to a new connection from this host."
514: ::= { pfTimeouts 2 }
515:
516: pfTimeoutTcpEstablished OBJECT-TYPE
517: SYNTAX Integer32
518: MAX-ACCESS read-only
519: STATUS current
520: DESCRIPTION
521: "State when a TCP connection is fully established."
522: ::= { pfTimeouts 3 }
523:
524: pfTimeoutTcpClosing OBJECT-TYPE
525: SYNTAX Integer32
526: MAX-ACCESS read-only
527: STATUS current
528: DESCRIPTION
529: "State after the first FIN has been sent."
530: ::= { pfTimeouts 4 }
531:
532: pfTimeoutTcpFinWait OBJECT-TYPE
533: SYNTAX Integer32
534: MAX-ACCESS read-only
535: STATUS current
536: DESCRIPTION
537: "State after both FINs are sent and the connection is closed."
538: ::= { pfTimeouts 5 }
539:
540: pfTimeoutTcpClosed OBJECT-TYPE
541: SYNTAX Integer32
542: MAX-ACCESS read-only
543: STATUS current
544: DESCRIPTION
545: "State after the first RST has been sent."
546: ::= { pfTimeouts 6 }
547:
548: pfTimeoutUdpFirst OBJECT-TYPE
549: SYNTAX Integer32
550: MAX-ACCESS read-only
551: STATUS current
552: DESCRIPTION
553: "State after receiving the first UDP packet."
554: ::= { pfTimeouts 7 }
555:
556: pfTimeoutUdpSingle OBJECT-TYPE
557: SYNTAX Integer32
558: MAX-ACCESS read-only
559: STATUS current
560: DESCRIPTION
561: "State if the source sends more than 1 packet but the destination
562: has never sent a packet back."
563: ::= { pfTimeouts 8 }
564:
565: pfTimeoutUdpMultiple OBJECT-TYPE
566: SYNTAX Integer32
567: MAX-ACCESS read-only
568: STATUS current
569: DESCRIPTION
570: "State when both hosts have sent packets."
571: ::= { pfTimeouts 9 }
572:
573: pfTimeoutIcmpFirst OBJECT-TYPE
574: SYNTAX Integer32
575: MAX-ACCESS read-only
576: STATUS current
577: DESCRIPTION
578: "State after receiving the first ICMP packet."
579: ::= { pfTimeouts 10 }
580:
581: pfTimeoutIcmpError OBJECT-TYPE
582: SYNTAX Integer32
583: MAX-ACCESS read-only
584: STATUS current
585: DESCRIPTION
586: "State when an ICMP error comes back in response to an ICMP
587: packet."
588: ::= { pfTimeouts 11 }
589:
590: pfTimeoutOtherFirst OBJECT-TYPE
591: SYNTAX Integer32
592: MAX-ACCESS read-only
593: STATUS current
594: DESCRIPTION
595: "State after receiving the first packet."
596: ::= { pfTimeouts 12 }
597:
598: pfTimeoutOtherSingle OBJECT-TYPE
599: SYNTAX Integer32
600: MAX-ACCESS read-only
601: STATUS current
602: DESCRIPTION
603: "State if the source sends more than 1 packet but the destination
604: has never sent a packet back."
605: ::= { pfTimeouts 13 }
606:
607: pfTimeoutOtherMultiple OBJECT-TYPE
608: SYNTAX Integer32
609: MAX-ACCESS read-only
610: STATUS current
611: DESCRIPTION
612: "State when both hosts have sent packets."
613: ::= { pfTimeouts 14 }
614:
615: pfTimeoutFragment OBJECT-TYPE
616: SYNTAX Integer32
617: MAX-ACCESS read-only
618: STATUS current
619: DESCRIPTION
620: "How long before an unassembled fragment is expired."
621: ::= { pfTimeouts 15 }
622:
623: pfTimeoutInterval OBJECT-TYPE
624: SYNTAX Integer32
625: MAX-ACCESS read-only
626: STATUS current
627: DESCRIPTION
628: "Interval before purging expired states and fragments."
629: ::= { pfTimeouts 16 }
630:
631: pfTimeoutAdaptiveStart OBJECT-TYPE
632: SYNTAX Integer32
633: MAX-ACCESS read-only
634: STATUS current
635: DESCRIPTION
636: "When the number of state entries exceeds this value, adaptive
637: scaling begins."
638: ::= { pfTimeouts 17 }
639:
640: pfTimeoutAdaptiveEnd OBJECT-TYPE
641: SYNTAX Integer32
642: MAX-ACCESS read-only
643: STATUS current
644: DESCRIPTION
645: "When reaching this number of state entries, all timeout values
646: become zero, effectively purging all state entries immediately."
647: ::= { pfTimeouts 18 }
648:
649: pfTimeoutSrcTrack OBJECT-TYPE
650: SYNTAX Integer32
651: MAX-ACCESS read-only
652: STATUS current
653: DESCRIPTION
654: "Time that a source tracking entry will stay around after the
655: last state expires."
656: ::= { pfTimeouts 19 }
657:
658:
659: -- pfInterfaces
660:
661: pfIfNumber OBJECT-TYPE
662: SYNTAX Integer32
663: MAX-ACCESS read-only
664: STATUS current
665: DESCRIPTION
666: "The number of network interfaces present on this system."
667: ::= { pfInterfaces 1 }
668:
669: pfIfTable OBJECT-TYPE
670: SYNTAX SEQUENCE OF PfIfEntry
671: MAX-ACCESS not-accessible
672: STATUS current
673: DESCRIPTION
674: "A list of individual interfaces. The number of entries is
675: given by the value of pfIfNumber."
676: ::= { pfInterfaces 128 }
677:
678: pfIfEntry OBJECT-TYPE
679: SYNTAX PfIfEntry
680: MAX-ACCESS not-accessible
681: STATUS current
682: DESCRIPTION
683: "An entry containing management information applicable to a
684: particular interface."
685: INDEX { pfIfIndex }
686: ::= { pfIfTable 1 }
687:
688: PfIfEntry ::=
689: SEQUENCE {
690: pfIfIndex Integer32,
1.7 ! sthen 691: pfIfDescr DisplayString,
1.1 joel 692: pfIfType INTEGER,
693: pfIfRefs Unsigned32,
694: pfIfRules Unsigned32,
695: pfIfIn4PassPkts Counter64,
696: pfIfIn4PassBytes Counter64,
697: pfIfIn4BlockPkts Counter64,
698: pfIfIn4BlockBytes Counter64,
699: pfIfOut4PassPkts Counter64,
700: pfIfOut4PassBytes Counter64,
701: pfIfOut4BlockPkts Counter64,
702: pfIfOut4BlockBytes Counter64,
703: pfIfIn6PassPkts Counter64,
704: pfIfIn6PassBytes Counter64,
705: pfIfIn6BlockPkts Counter64,
706: pfIfIn6BlockBytes Counter64,
707: pfIfOut6PassPkts Counter64,
708: pfIfOut6PassBytes Counter64,
709: pfIfOut6BlockPkts Counter64,
710: pfIfOut6BlockBytes Counter64
711: }
712:
713: pfIfIndex OBJECT-TYPE
714: SYNTAX Integer32 (1..2147483647)
715: MAX-ACCESS read-only
716: STATUS current
717: DESCRIPTION
718: "A unique value, greater than zero, for each interface. It
719: is recommended that values are assigned contiguously
720: starting from 1. The value for each interface sub-layer
721: must remain constant at least from one re-initialization of
722: the entity's network management system to the next re-
723: initialization."
724: ::= { pfIfEntry 1 }
725:
726: pfIfDescr OBJECT-TYPE
1.7 ! sthen 727: SYNTAX DisplayString
1.1 joel 728: MAX-ACCESS read-only
729: STATUS current
730: DESCRIPTION
731: "The name of the interface."
732: ::= { pfIfEntry 2 }
733:
734: pfIfType OBJECT-TYPE
735: SYNTAX INTEGER { group(0), instance(1), detached(2) }
736: MAX-ACCESS read-only
737: STATUS current
738: DESCRIPTION
739: "Denotes whether the interface is a group interface, an interface
740: instance, or whether it's been removed or destroyed."
741: ::= { pfIfEntry 3 }
742:
743: pfIfRefs OBJECT-TYPE
744: SYNTAX Unsigned32
745: MAX-ACCESS read-only
746: STATUS current
747: DESCRIPTION
748: "The number of state and/or source track entries which reference
749: the interface."
750: ::= { pfIfEntry 4 }
751:
752: pfIfRules OBJECT-TYPE
753: SYNTAX Unsigned32
754: MAX-ACCESS read-only
755: STATUS current
756: DESCRIPTION
757: "The number of rules which reference the interface."
758: ::= { pfIfEntry 5 }
759:
760: pfIfIn4PassPkts OBJECT-TYPE
761: SYNTAX Counter64
762: MAX-ACCESS read-only
763: STATUS current
764: DESCRIPTION
765: "The number of IPv4 packets passed in."
766: ::= { pfIfEntry 6 }
767:
768: pfIfIn4PassBytes OBJECT-TYPE
769: SYNTAX Counter64
770: MAX-ACCESS read-only
771: STATUS current
772: DESCRIPTION
773: "The number of IPv4 bytes passed in."
774: ::= { pfIfEntry 7 }
775:
776: pfIfIn4BlockPkts OBJECT-TYPE
777: SYNTAX Counter64
778: MAX-ACCESS read-only
779: STATUS current
780: DESCRIPTION
781: "The number of incoming IPv4 packets blocked."
782: ::= { pfIfEntry 8 }
783:
784: pfIfIn4BlockBytes OBJECT-TYPE
785: SYNTAX Counter64
786: MAX-ACCESS read-only
787: STATUS current
788: DESCRIPTION
789: "The number of incoming IPv4 bytes blocked."
790: ::= { pfIfEntry 9 }
791:
792: pfIfOut4PassPkts OBJECT-TYPE
793: SYNTAX Counter64
794: MAX-ACCESS read-only
795: STATUS current
796: DESCRIPTION
797: "The number of IPv4 bytes passed out."
798: ::= { pfIfEntry 10 }
799:
800: pfIfOut4PassBytes OBJECT-TYPE
801: SYNTAX Counter64
802: MAX-ACCESS read-only
803: STATUS current
804: DESCRIPTION
805: "The number of IPv4 bytes passed out."
806: ::= { pfIfEntry 11 }
807:
808: pfIfOut4BlockPkts OBJECT-TYPE
809: SYNTAX Counter64
810: MAX-ACCESS read-only
811: STATUS current
812: DESCRIPTION
813: "The number of outgoing IPv4 bytes blocked."
814: ::= { pfIfEntry 12 }
815:
816: pfIfOut4BlockBytes OBJECT-TYPE
817: SYNTAX Counter64
818: MAX-ACCESS read-only
819: STATUS current
820: DESCRIPTION
821: "The number of outgoing IPv4 bytes blocked."
822: ::= { pfIfEntry 13 }
823:
824: pfIfIn6PassPkts OBJECT-TYPE
825: SYNTAX Counter64
826: MAX-ACCESS read-only
827: STATUS current
828: DESCRIPTION
829: "The number of IPv6 packets passed in."
830: ::= { pfIfEntry 14 }
831:
832: pfIfIn6PassBytes OBJECT-TYPE
833: SYNTAX Counter64
834: MAX-ACCESS read-only
835: STATUS current
836: DESCRIPTION
837: "The number of IPv6 bytes passed in."
838: ::= { pfIfEntry 15 }
839:
840: pfIfIn6BlockPkts OBJECT-TYPE
841: SYNTAX Counter64
842: MAX-ACCESS read-only
843: STATUS current
844: DESCRIPTION
845: "The number of incoming IPv6 packets blocked."
846: ::= { pfIfEntry 16 }
847:
848: pfIfIn6BlockBytes OBJECT-TYPE
849: SYNTAX Counter64
850: MAX-ACCESS read-only
851: STATUS current
852: DESCRIPTION
853: "The number of incoming IPv6 bytes blocked."
854: ::= { pfIfEntry 17 }
855:
856: pfIfOut6PassPkts OBJECT-TYPE
857: SYNTAX Counter64
858: MAX-ACCESS read-only
859: STATUS current
860: DESCRIPTION
861: "The number of IPv6 bytes passed out."
862: ::= { pfIfEntry 18 }
863:
864: pfIfOut6PassBytes OBJECT-TYPE
865: SYNTAX Counter64
866: MAX-ACCESS read-only
867: STATUS current
868: DESCRIPTION
869: "The number of IPv6 bytes passed out."
870: ::= { pfIfEntry 19 }
871:
872: pfIfOut6BlockPkts OBJECT-TYPE
873: SYNTAX Counter64
874: MAX-ACCESS read-only
875: STATUS current
876: DESCRIPTION
877: "The number of outgoing IPv6 bytes blocked."
878: ::= { pfIfEntry 20 }
879:
880: pfIfOut6BlockBytes OBJECT-TYPE
881: SYNTAX Counter64
882: MAX-ACCESS read-only
883: STATUS current
884: DESCRIPTION
885: "The number of outgoing IPv6 bytes blocked."
886: ::= { pfIfEntry 21 }
887:
888:
889: -- pfTables
890:
891: pfTblNumber OBJECT-TYPE
892: SYNTAX Integer32
893: MAX-ACCESS read-only
894: STATUS current
895: DESCRIPTION
896: "The number of tables present on this system."
897: ::= { pfTables 1 }
898:
899: pfTblTable OBJECT-TYPE
900: SYNTAX SEQUENCE OF TblEntry
901: MAX-ACCESS not-accessible
902: STATUS current
903: DESCRIPTION
904: "A list of individual tables. The number of entries is
905: given by the value of tblNumber."
906: ::= { pfTables 128 }
907:
908: pfTblEntry OBJECT-TYPE
909: SYNTAX TblEntry
910: MAX-ACCESS not-accessible
911: STATUS current
912: DESCRIPTION
913: "An entry containing management information applicable to a
914: particular table."
915: INDEX { pfTblIndex }
916: ::= { pfTblTable 1 }
917:
918: TblEntry ::=
919: SEQUENCE {
920: pfTblIndex Integer32,
1.7 ! sthen 921: pfTblName SnmpAdminString,
1.1 joel 922: pfTblAddresses Integer32,
923: pfTblAnchorRefs Integer32,
924: pfTblRuleRefs Integer32,
925: pfTblEvalsMatch Counter64,
1.4 joel 926: pfTblEvalsNoMatch Counter64,
1.1 joel 927: pfTblInPassPkts Counter64,
1.4 joel 928: pfTblInPassBytes Counter64,
929: pfTblInBlockPkts Counter64,
930: pfTblInBlockBytes Counter64,
931: pfTblInXPassPkts Counter64,
932: pfTblInXPassBytes Counter64,
933: pfTblOutPassPkts Counter64,
934: pfTblOutPassBytes Counter64,
935: pfTblOutBlockPkts Counter64,
1.1 joel 936: pfTblOutBlockBytes Counter64,
1.4 joel 937: pfTblOutXPassPkts Counter64,
1.1 joel 938: pfTblOutXPassBytes Counter64,
1.4 joel 939: pfTblStatsCleared TimeTicks,
940: pfTblInMatchPkts Counter64,
941: pfTblInMatchBytes Counter64,
942: pfTblOutMatchPkts Counter64,
943: pfTblOutMatchBytes Counter64
1.1 joel 944: }
945:
946: pfTblIndex OBJECT-TYPE
947: SYNTAX Integer32 (1..2147483647)
948: MAX-ACCESS read-only
949: STATUS current
950: DESCRIPTION
951: "A unique value, greater than zero, for each table."
952: ::= { pfTblEntry 1 }
953:
954: pfTblName OBJECT-TYPE
1.7 ! sthen 955: SYNTAX SnmpAdminString
1.1 joel 956: MAX-ACCESS read-only
957: STATUS current
958: DESCRIPTION
959: "The name of the table."
960: ::= { pfTblEntry 2 }
961:
962: pfTblAddresses OBJECT-TYPE
963: SYNTAX Integer32
964: MAX-ACCESS read-only
965: STATUS current
966: DESCRIPTION
967: "The number of addresses currently stored in the table."
968: ::= { pfTblEntry 3 }
969:
970: pfTblAnchorRefs OBJECT-TYPE
971: SYNTAX Integer32
972: MAX-ACCESS read-only
973: STATUS current
974: DESCRIPTION
975: "The number of anchors which reference the table."
976: ::= { pfTblEntry 4 }
977:
978: pfTblRuleRefs OBJECT-TYPE
979: SYNTAX Integer32
980: MAX-ACCESS read-only
981: STATUS current
982: DESCRIPTION
983: "The number of rules which reference the table."
984: ::= { pfTblEntry 5 }
985:
986: pfTblEvalsMatch OBJECT-TYPE
987: SYNTAX Counter64
988: MAX-ACCESS read-only
989: STATUS current
990: DESCRIPTION
991: "The number of table evaluations that produced a match."
992: ::= { pfTblEntry 6 }
993:
994: pfTblEvalsNoMatch OBJECT-TYPE
995: SYNTAX Counter64
996: MAX-ACCESS read-only
997: STATUS current
998: DESCRIPTION
999: "The number of table evaluations that didn't match."
1000: ::= { pfTblEntry 7 }
1001:
1002: pfTblInPassPkts OBJECT-TYPE
1003: SYNTAX Counter64
1004: MAX-ACCESS read-only
1005: STATUS current
1006: DESCRIPTION
1007: "The number of packets passed in that matched the table."
1008: ::= { pfTblEntry 8 }
1009:
1010: pfTblInPassBytes OBJECT-TYPE
1011: SYNTAX Counter64
1012: MAX-ACCESS read-only
1013: STATUS current
1014: DESCRIPTION
1015: "The number of bytes passed in that matched the table."
1016: ::= { pfTblEntry 9 }
1017:
1018: pfTblInBlockPkts OBJECT-TYPE
1019: SYNTAX Counter64
1020: MAX-ACCESS read-only
1021: STATUS current
1022: DESCRIPTION
1023: "The number of incoming packets blocked that matched the table."
1024: ::= { pfTblEntry 10 }
1025:
1026: pfTblInBlockBytes OBJECT-TYPE
1027: SYNTAX Counter64
1028: MAX-ACCESS read-only
1029: STATUS current
1030: DESCRIPTION
1031: "The number incoming bytes blocked that matched the table."
1032: ::= { pfTblEntry 11 }
1033:
1034: pfTblInXPassPkts OBJECT-TYPE
1035: SYNTAX Counter64
1036: MAX-ACCESS read-only
1037: STATUS current
1038: DESCRIPTION
1039: "The number of packets statefully passed in where the state
1040: entry refers to the table, but the table no longer contains
1041: the address in question."
1042: ::= { pfTblEntry 12 }
1043:
1044: pfTblInXPassBytes OBJECT-TYPE
1045: SYNTAX Counter64
1046: MAX-ACCESS read-only
1047: STATUS current
1048: DESCRIPTION
1049: "The number of bytes statefully passed in where the state
1050: entry refers to the table, but the table no longer contains
1051: the address in question."
1052: ::= { pfTblEntry 13 }
1053:
1054: pfTblOutPassPkts OBJECT-TYPE
1055: SYNTAX Counter64
1056: MAX-ACCESS read-only
1057: STATUS current
1058: DESCRIPTION
1059: "The number of packets passed out that matched the table."
1060: ::= { pfTblEntry 14 }
1061:
1062: pfTblOutPassBytes OBJECT-TYPE
1063: SYNTAX Counter64
1064: MAX-ACCESS read-only
1065: STATUS current
1066: DESCRIPTION
1067: "The number of bytes passed out that matched the table."
1068: ::= { pfTblEntry 15 }
1069:
1070: pfTblOutBlockPkts OBJECT-TYPE
1071: SYNTAX Counter64
1072: MAX-ACCESS read-only
1073: STATUS current
1074: DESCRIPTION
1075: "The number of outgoing packets blocked that matched the table."
1076: ::= { pfTblEntry 16 }
1077:
1078: pfTblOutBlockBytes OBJECT-TYPE
1079: SYNTAX Counter64
1080: MAX-ACCESS read-only
1081: STATUS current
1082: DESCRIPTION
1083: "The number outgoing bytes blocked that matched the table."
1084: ::= { pfTblEntry 17 }
1085:
1086: pfTblOutXPassPkts OBJECT-TYPE
1087: SYNTAX Counter64
1088: MAX-ACCESS read-only
1089: STATUS current
1090: DESCRIPTION
1091: "The number of packets statefully passed out where the state
1092: entry refers to the table, but the table no longer contains
1093: the address in question."
1094: ::= { pfTblEntry 18 }
1095:
1096: pfTblOutXPassBytes OBJECT-TYPE
1097: SYNTAX Counter64
1098: MAX-ACCESS read-only
1099: STATUS current
1100: DESCRIPTION
1101: "The number of bytes statefully passed out where the state
1102: entry refers to the table, but the table no longer contains
1103: the address in question."
1104: ::= { pfTblEntry 19 }
1105:
1106: pfTblStatsCleared OBJECT-TYPE
1107: SYNTAX TimeTicks
1108: UNITS "1/100th of a Second"
1109: MAX-ACCESS read-only
1110: STATUS current
1111: DESCRIPTION
1112: "The number of seconds that have passed since the statistics
1113: for this pf table were zeroed."
1114: ::= { pfTblEntry 20 }
1115:
1.3 joel 1116: pfTblInMatchPkts OBJECT-TYPE
1117: SYNTAX Counter64
1118: MAX-ACCESS read-only
1119: STATUS current
1120: DESCRIPTION
1121: "The number of inbound packets that hit a 'match' rule where this
1122: particular table was referenced by the rule."
1123: ::= { pfTblEntry 21 }
1124:
1125: pfTblInMatchBytes OBJECT-TYPE
1126: SYNTAX Counter64
1127: MAX-ACCESS read-only
1128: STATUS current
1129: DESCRIPTION
1130: "The total size in bytes of all inbound packets that hit a
1131: 'match' rule where this particular table was referenced by
1132: the rule."
1133: ::= { pfTblEntry 22 }
1134:
1135: pfTblOutMatchPkts OBJECT-TYPE
1136: SYNTAX Counter64
1137: MAX-ACCESS read-only
1138: STATUS current
1139: DESCRIPTION
1140: "The number of outbound packets that hit a 'match' rule where this
1141: particular table was referenced by the rule."
1142: ::= { pfTblEntry 23 }
1143:
1144: pfTblOutMatchBytes OBJECT-TYPE
1145: SYNTAX Counter64
1146: MAX-ACCESS read-only
1147: STATUS current
1148: DESCRIPTION
1149: "The total size in bytes of all outbound packets that hit a
1150: 'match' rule where this particular table was referenced by
1151: the rule."
1152: ::= { pfTblEntry 24 }
1153:
1.1 joel 1154: pfTblAddrTable OBJECT-TYPE
1155: SYNTAX SEQUENCE OF TblAddrEntry
1156: MAX-ACCESS not-accessible
1157: STATUS current
1158: DESCRIPTION
1159: "A table containing the addresses/CIDR network blocks from
1160: every table on the system."
1161: ::= { pfTables 129 }
1162:
1163: pfTblAddrEntry OBJECT-TYPE
1164: SYNTAX TblAddrEntry
1165: MAX-ACCESS not-accessible
1166: STATUS current
1167: DESCRIPTION
1168: "An entry containing management information applicable to a
1169: particular table."
1170: INDEX { pfTblAddrTblIndex, pfTblAddrNet, pfTblAddrMask }
1171: ::= { pfTblAddrTable 1 }
1172:
1173: TblAddrEntry ::=
1174: SEQUENCE {
1.4 joel 1175: pfTblAddrTblIndex Integer32,
1.1 joel 1176: pfTblAddrNet IpAddress,
1177: pfTblAddrMask Integer32,
1.4 joel 1178: pfTblAddrCleared TimeTicks,
1.1 joel 1179: pfTblAddrInBlockPkts Counter64,
1180: pfTblAddrInBlockBytes Counter64,
1181: pfTblAddrInPassPkts Counter64,
1182: pfTblAddrInPassBytes Counter64,
1183: pfTblAddrOutBlockPkts Counter64,
1184: pfTblAddrOutBlockBytes Counter64,
1185: pfTblAddrOutPassPkts Counter64,
1.3 joel 1186: pfTblAddrOutPassBytes Counter64,
1187: pfTblAddrInMatchPkts Counter64,
1188: pfTblAddrInMatchBytes Counter64,
1189: pfTblAddrOutMatchPkts Counter64,
1190: pfTblAddrOutMatchBytes Counter64
1.1 joel 1191: }
1192:
1193: pfTblAddrTblIndex OBJECT-TYPE
1194: SYNTAX Integer32 (1..2147483647)
1195: MAX-ACCESS read-only
1196: STATUS current
1197: DESCRIPTION
1198: "The index value which uniquely identifies the table which
1199: contains this pfTblAddrNet/pfTblAddrMask pair."
1200: ::= { pfTblAddrEntry 1 }
1201:
1202: pfTblAddrNet OBJECT-TYPE
1203: SYNTAX IpAddress
1204: MAX-ACCESS read-only
1205: STATUS current
1206: DESCRIPTION
1207: "The IP address portion of the CIDR network for this
1208: particular table entry."
1209: ::= { pfTblAddrEntry 2 }
1210:
1211: pfTblAddrMask OBJECT-TYPE
1212: SYNTAX Integer32 (0..32)
1213: MAX-ACCESS read-only
1214: STATUS current
1215: DESCRIPTION
1216: "The CIDR bitmask for this particular table entry."
1217: ::= { pfTblAddrEntry 3 }
1218:
1219: pfTblAddrCleared OBJECT-TYPE
1220: SYNTAX TimeTicks
1221: UNITS "1/100th of a Second"
1222: MAX-ACCESS read-only
1223: STATUS current
1224: DESCRIPTION
1225: "The time that's passed since the statistics where last cleared, or
1226: since the pfTblAddrNet/pfTblAddrMask pair was loaded into the table,
1227: whichever is sooner."
1228: ::= { pfTblAddrEntry 4 }
1229:
1230: pfTblAddrInBlockPkts OBJECT-TYPE
1231: SYNTAX Counter64
1232: MAX-ACCESS read-only
1233: STATUS current
1234: DESCRIPTION
1235: "The number of inbound packets blocked as a result of matching
1236: this table entry."
1237: ::= { pfTblAddrEntry 5 }
1238:
1239: pfTblAddrInBlockBytes OBJECT-TYPE
1240: SYNTAX Counter64
1241: MAX-ACCESS read-only
1242: STATUS current
1243: DESCRIPTION
1244: "The number of inbound bytes blocked as a result of matching
1245: this table entry."
1246: ::= { pfTblAddrEntry 6 }
1247:
1248: pfTblAddrInPassPkts OBJECT-TYPE
1249: SYNTAX Counter64
1250: MAX-ACCESS read-only
1251: STATUS current
1252: DESCRIPTION
1253: "The number of inbound packets passed as a result of matching
1254: this table entry."
1255: ::= { pfTblAddrEntry 7 }
1256:
1257: pfTblAddrInPassBytes OBJECT-TYPE
1258: SYNTAX Counter64
1259: MAX-ACCESS read-only
1260: STATUS current
1261: DESCRIPTION
1262: "The number of inbound bytes passed as a result of matching
1263: this table entry."
1264: ::= { pfTblAddrEntry 8 }
1265:
1266: pfTblAddrOutBlockPkts OBJECT-TYPE
1267: SYNTAX Counter64
1268: MAX-ACCESS read-only
1269: STATUS current
1270: DESCRIPTION
1271: "The number of outbound packets blocked as a result of matching
1272: this table entry."
1273: ::= { pfTblAddrEntry 9 }
1274:
1275: pfTblAddrOutBlockBytes OBJECT-TYPE
1276: SYNTAX Counter64
1277: MAX-ACCESS read-only
1278: STATUS current
1279: DESCRIPTION
1280: "The number of outbound bytes blocked as a result of matching
1281: this table entry."
1282: ::= { pfTblAddrEntry 10 }
1283:
1284: pfTblAddrOutPassPkts OBJECT-TYPE
1285: SYNTAX Counter64
1286: MAX-ACCESS read-only
1287: STATUS current
1288: DESCRIPTION
1289: "The number of outbound packets passed as a result of matchin
1290: this table entry."
1291: ::= { pfTblAddrEntry 11 }
1292:
1293: pfTblAddrOutPassBytes OBJECT-TYPE
1294: SYNTAX Counter64
1295: MAX-ACCESS read-only
1296: STATUS current
1297: DESCRIPTION
1298: "The number of outbound bytes passed as a result of matchg
1299: this table entry."
1300: ::= { pfTblAddrEntry 12 }
1.3 joel 1301:
1302: pfTblAddrInMatchPkts OBJECT-TYPE
1303: SYNTAX Counter64
1304: MAX-ACCESS read-only
1305: STATUS current
1306: DESCRIPTION
1307: "The number of inbound packets that hit a 'match' rule where
1308: this table entry was referenced."
1309: ::= { pfTblAddrEntry 13 }
1310:
1311: pfTblAddrInMatchBytes OBJECT-TYPE
1312: SYNTAX Counter64
1313: MAX-ACCESS read-only
1314: STATUS current
1315: DESCRIPTION
1316: "The total size in bytes of all inbound packets that hit
1317: a 'match' rule where this table entry was referenced."
1318: ::= { pfTblAddrEntry 14 }
1319:
1320: pfTblAddrOutMatchPkts OBJECT-TYPE
1321: SYNTAX Counter64
1322: MAX-ACCESS read-only
1323: STATUS current
1324: DESCRIPTION
1325: "The number of outbound packets that hit a 'match' rule where
1326: this table entry was referenced."
1327: ::= { pfTblAddrEntry 15 }
1328:
1329: pfTblAddrOutMatchBytes OBJECT-TYPE
1330: SYNTAX Counter64
1331: MAX-ACCESS read-only
1332: STATUS current
1333: DESCRIPTION
1334: "The total size in bytes of all outbound packets that hit
1335: a 'match' rule where this table entry was referenced."
1336: ::= { pfTblAddrEntry 16 }
1.1 joel 1337:
1338:
1339: -- pfLabels
1340:
1341: pfLabelNumber OBJECT-TYPE
1342: SYNTAX Integer32
1343: MAX-ACCESS read-only
1344: STATUS current
1345: DESCRIPTION
1346: "The number of labels in the active pf ruleset."
1347: ::= { pfLabels 1 }
1348:
1349: pfLabelTable OBJECT-TYPE
1350: SYNTAX SEQUENCE OF PfLabelEntry
1351: MAX-ACCESS not-accessible
1352: STATUS current
1353: DESCRIPTION
1354: "A list of individual labels. The number of entries is
1355: given by the value of pfLabelNumber."
1356: ::= { pfLabels 128 }
1357:
1358: pfLabelEntry OBJECT-TYPE
1359: SYNTAX PfLabelEntry
1360: MAX-ACCESS not-accessible
1361: STATUS current
1362: DESCRIPTION
1363: "An entry containing management information applicable to a
1364: particular label."
1365: INDEX { pfLabelIndex }
1366: ::= { pfLabelTable 1 }
1367:
1368: PfLabelEntry ::=
1369: SEQUENCE {
1370: pfLabelIndex Integer32,
1.7 ! sthen 1371: pfLabelName SnmpAdminString,
1.1 joel 1372: pfLabelEvals Counter64,
1373: pfLabelPkts Counter64,
1374: pfLabelBytes Counter64,
1375: pfLabelInPkts Counter64,
1376: pfLabelInBytes Counter64,
1377: pfLabelOutPkts Counter64,
1378: pfLabelOutBytes Counter64,
1379: pfLabelTotalStates Counter32
1380: }
1381:
1382: pfLabelIndex OBJECT-TYPE
1383: SYNTAX Integer32 (1..2147483647)
1384: MAX-ACCESS read-only
1385: STATUS current
1386: DESCRIPTION
1387: "A unique value, greater than zero, for each label."
1388: ::= { pfLabelEntry 1 }
1389:
1390: pfLabelName OBJECT-TYPE
1.7 ! sthen 1391: SYNTAX SnmpAdminString
1.1 joel 1392: MAX-ACCESS read-only
1393: STATUS current
1394: DESCRIPTION
1395: "The name of the label."
1396: ::= { pfLabelEntry 2 }
1397:
1398: pfLabelEvals OBJECT-TYPE
1399: SYNTAX Counter64
1400: MAX-ACCESS read-only
1401: STATUS current
1402: DESCRIPTION
1403: "The number of rule evaluations."
1404: ::= { pfLabelEntry 3 }
1405:
1406: pfLabelPkts OBJECT-TYPE
1407: SYNTAX Counter64
1408: MAX-ACCESS read-only
1409: STATUS current
1410: DESCRIPTION
1411: "The total number of packets matched by the rule."
1412: ::= { pfLabelEntry 4 }
1413:
1414: pfLabelBytes OBJECT-TYPE
1415: SYNTAX Counter64
1416: MAX-ACCESS read-only
1417: STATUS current
1418: DESCRIPTION
1419: "The total number of bytes matched by the rule."
1420: ::= { pfLabelEntry 5 }
1421:
1422: pfLabelInPkts OBJECT-TYPE
1423: SYNTAX Counter64
1424: MAX-ACCESS read-only
1425: STATUS current
1426: DESCRIPTION
1427: "The number of incoming packets matched by the rule."
1428: ::= { pfLabelEntry 6 }
1429:
1430: pfLabelInBytes OBJECT-TYPE
1431: SYNTAX Counter64
1432: MAX-ACCESS read-only
1433: STATUS current
1434: DESCRIPTION
1435: "The number of incoming bytes matched by the rule."
1436: ::= { pfLabelEntry 7 }
1437:
1438: pfLabelOutPkts OBJECT-TYPE
1439: SYNTAX Counter64
1440: MAX-ACCESS read-only
1441: STATUS current
1442: DESCRIPTION
1443: "The number of outgoing packets matched by the rule."
1444: ::= { pfLabelEntry 8 }
1445:
1446: pfLabelOutBytes OBJECT-TYPE
1447: SYNTAX Counter64
1448: MAX-ACCESS read-only
1449: STATUS current
1450: DESCRIPTION
1451: "The number of outgoing bytes matched by the rule."
1452: ::= { pfLabelEntry 9 }
1453:
1454: pfLabelTotalStates OBJECT-TYPE
1455: SYNTAX Counter32
1456: MAX-ACCESS read-only
1457: STATUS current
1458: DESCRIPTION
1459: "The total number of state table entries created by this rule
1460: since the ruleset was loaded."
1461: ::= { pfLabelEntry 10 }
1462:
1463:
1464: -- pfsyncStats
1465:
1466: pfsyncIpPktsRecv OBJECT-TYPE
1467: SYNTAX Counter64
1468: MAX-ACCESS read-only
1469: STATUS current
1470: DESCRIPTION
1471: "Number of IPv4 pfsync packets received on all interfaces."
1472: ::= { pfsyncStats 1 }
1473:
1474: pfsyncIp6PktsRecv OBJECT-TYPE
1475: SYNTAX Counter64
1476: MAX-ACCESS read-only
1477: STATUS current
1478: DESCRIPTION
1479: "Number of IPv6 pfsync packets received on all interfaces."
1480: ::= { pfsyncStats 2 }
1481:
1482: pfsyncPktDiscardsForBadInterface OBJECT-TYPE
1483: SYNTAX Counter64
1484: MAX-ACCESS read-only
1485: STATUS current
1486: DESCRIPTION
1487: "Number of pfsync packets discarded because it was received
1488: on an interface that is not running pfsync."
1489: ::= { pfsyncStats 3 }
1490:
1491: pfsyncPktDiscardsForBadTtl OBJECT-TYPE
1492: SYNTAX Counter64
1493: MAX-ACCESS read-only
1494: STATUS current
1495: DESCRIPTION
1496: "Number of pfsync packets discarded due to having a TTL less
1497: than 255."
1498: ::= { pfsyncStats 4 }
1499:
1500: pfsyncPktShorterThanHeader OBJECT-TYPE
1501: SYNTAX Counter64
1502: MAX-ACCESS read-only
1503: STATUS current
1504: DESCRIPTION
1505: "Number of pfsync packets received that had a length shorter
1506: than the pfsync packet header."
1507: ::= { pfsyncStats 5 }
1508:
1509: pfsyncPktDiscardsForBadVersion OBJECT-TYPE
1510: SYNTAX Counter64
1511: MAX-ACCESS read-only
1512: STATUS current
1513: DESCRIPTION
1514: "Number of pfsync packets discarded due to incorrect protocol
1515: version."
1516: ::= { pfsyncStats 6 }
1517:
1518: pfsyncPktDiscardsForBadAction OBJECT-TYPE
1519: SYNTAX Counter64
1520: MAX-ACCESS read-only
1521: STATUS current
1522: DESCRIPTION
1523: "Number of pfsync packets discarded due to an invalid pfsync
1524: action in the header."
1525: ::= { pfsyncStats 7 }
1526:
1527: pfsyncPktDiscardsForBadLength OBJECT-TYPE
1528: SYNTAX Counter64
1529: MAX-ACCESS read-only
1530: STATUS current
1531: DESCRIPTION
1532: "Number of pfsync packets discarded due to incorrect size."
1533: ::= { pfsyncStats 8 }
1534:
1535: pfsyncPktDiscardsForBadAuth OBJECT-TYPE
1536: SYNTAX Counter64
1537: MAX-ACCESS read-only
1538: STATUS current
1539: DESCRIPTION
1540: "Number of pfsync packets discarded due to authentication failure."
1541: ::= { pfsyncStats 9 }
1542:
1543: pfsyncPktDiscardsForStaleState OBJECT-TYPE
1544: SYNTAX Counter64
1545: MAX-ACCESS read-only
1546: STATUS current
1547: DESCRIPTION
1548: "Number of pfsync packets discarded because they tried to update
1549: a stale state entry."
1550: ::= { pfsyncStats 10 }
1551:
1552: pfsyncPktDiscardsForBadValues OBJECT-TYPE
1553: SYNTAX Counter64
1554: MAX-ACCESS read-only
1555: STATUS current
1556: DESCRIPTION
1557: "Number of pfsync packets discarded due to containing bad values."
1558: ::= { pfsyncStats 11 }
1559:
1560: pfsyncPktDiscardsForBadState OBJECT-TYPE
1561: SYNTAX Counter64
1562: MAX-ACCESS read-only
1563: STATUS current
1564: DESCRIPTION
1565: "Number of pfsync packets discarded due to state insert/lookup
1566: failure."
1567: ::= { pfsyncStats 12 }
1568:
1569: pfsyncIpPktsSent OBJECT-TYPE
1570: SYNTAX Counter64
1571: MAX-ACCESS read-only
1572: STATUS current
1573: DESCRIPTION
1574: "Number of IPv4 pfsync packets sent on all interfaces."
1575: ::= { pfsyncStats 13 }
1576:
1577: pfsyncIp6PktsSent OBJECT-TYPE
1578: SYNTAX Counter64
1579: MAX-ACCESS read-only
1580: STATUS current
1581: DESCRIPTION
1582: "Number of IPv6 pfsync packets sent on all interfaces."
1583: ::= { pfsyncStats 14 }
1584:
1585: pfsyncNoMemory OBJECT-TYPE
1586: SYNTAX Counter64
1587: MAX-ACCESS read-only
1588: STATUS current
1589: DESCRIPTION
1590: "Number of pfsync packets which could not be sent due to
1591: insufficient memory."
1592: ::= { pfsyncStats 15 }
1593:
1594: pfsyncOutputErrors OBJECT-TYPE
1595: SYNTAX Counter64
1596: MAX-ACCESS read-only
1597: STATUS current
1598: DESCRIPTION
1599: "Number of pfsync packets which could not be sent."
1600: ::= { pfsyncStats 16 }
1601:
1602: END
1603:
![[BACK]](/icons/back.gif){kind=icon}
Return to OPENBSD-PF-MIB.txt CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / src / share / snmp