On Sat, Oct 5, 2024 at 7:41 PM Abel Abraham Camarillo Ojeda
<acamari@verlet.org> wrote:
>
>
>
> On Sat, Oct 5, 2024 at 1:15 PM Nick Owens <mischief@offblast.org> wrote:
>>
>> On Sat, Sep 28, 2024 at 11:40 PM Nick Owens <mischief@offblast.org> wrote:
>> >
>> > hi,
>> >
>> > i spent today doing a little work on my prometheus (sysutils/prometheus)
>> > exporter for pf. this program exports some metrics for pf. it can
>> > export the top level pf stats (states, searches, etc), the loginterface
>> > stats, and the drop/transmit counts for each queue.
>> >
>> > my personal usage of pf is pretty limited to my own home firewall, so i
>> > can't really say this is battle tested, but i thought since i updated
>> > it, i'd try my hand at my first ever openbsd port, so here it is :-)
>> >
>> > there are certainly warts, like the questionable file descriptor passing
>> > and use of the 'nobody' user in the rc.d script, but feedback is
>> > welcome.
>> >
>> > cheers,
>> > nick
>> >
>>
>> ping
>
>
> Are there info you get with this that you can't get with, for example, snmpd + snmp_exporter ?

i admit i've never used or been interested in SNMP, though, it's hard
to tell to the untrained eye if snmpd can read statistics for pf
queues. that was my main interest when writing pf_exporter.

>
> Maybe an example of metrics exported may be interesting

right now it can provide pf state count/searches/inserts/removals, the
ipv4/ipv6 packets/bytes statistics for the log interface, and the
transmit/drop statistics for each queue.

it seems that snmpd can provide some other useful info i might look
into adding, like per-rule/table and pfsync stats.

>
> thank you