1-- 2-- ---------------------------------------------------------------------------- 3-- "THE BEER-WARE LICENSE" (Revision 42): 4-- <philip@FreeBSD.org> wrote this file. As long as you retain this notice you 5-- can do whatever you want with this stuff. If we meet some day, and you think 6-- this stuff is worth it, you can buy me a beer in return. -Philip Paeps 7-- ---------------------------------------------------------------------------- 8-- 9 10BEGEMOT-PF-MIB DEFINITIONS ::= BEGIN 11 12IMPORTS 13 MODULE-IDENTITY, OBJECT-TYPE, Counter64, Integer32, 14 TimeTicks, Unsigned32 15 FROM SNMPv2-SMI 16 TruthValue 17 FROM SNMPv2-TC 18 InetAddress, InetAddressType, InetAddressPrefixLength 19 FROM INET-ADDRESS-MIB 20 begemot 21 FROM BEGEMOT-MIB; 22 23begemotPf MODULE-IDENTITY 24 LAST-UPDATED "202503190000Z" 25 ORGANIZATION "Alternative Enterprises (HK) Limited" 26 CONTACT-INFO 27 " Philip Paeps 28 29 E-Mail: philip@FreeBSD.org" 30 DESCRIPTION 31 "The Begemot MIB for the pf packet filter." 32 REVISION "202503190000Z" 33 DESCRIPTION 34 "Reverted pfInterfacesIfRefsState to Unsigned32" 35 REVISION "201003180000Z" 36 DESCRIPTION 37 "Modified pfTablesAddrEntry to support IPv6 38 addresses - added pfTablesAddrNetType column 39 and modified type of pfTablesAddrNet to 40 InetAddress." 41 REVISION "200912050000Z" 42 DESCRIPTION 43 "Added support for retrieving counters of labeled 44 pf filter rules via pfLabelspfLabels subtree." 45 REVISION "200501240000Z" 46 DESCRIPTION 47 "Initial revision." 48 49 ::= { begemot 200 } 50 51begemotPfObjects OBJECT IDENTIFIER ::= { begemotPf 1 } 52 53-- -------------------------------------------------------------------------- 54 55pfStatus OBJECT IDENTIFIER ::= { begemotPfObjects 1 } 56pfCounter OBJECT IDENTIFIER ::= { begemotPfObjects 2 } 57pfStateTable OBJECT IDENTIFIER ::= { begemotPfObjects 3 } 58pfSrcNodes OBJECT IDENTIFIER ::= { begemotPfObjects 4 } 59pfLimits OBJECT IDENTIFIER ::= { begemotPfObjects 5 } 60pfTimeouts OBJECT IDENTIFIER ::= { begemotPfObjects 6 } 61pfLogInterface OBJECT IDENTIFIER ::= { begemotPfObjects 7 } 62pfInterfaces OBJECT IDENTIFIER ::= { begemotPfObjects 8 } 63pfTables OBJECT IDENTIFIER ::= { begemotPfObjects 9 } 64pfAltq OBJECT IDENTIFIER ::= { begemotPfObjects 10 } 65pfLabels OBJECT IDENTIFIER ::= { begemotPfObjects 11 } 66 67-- -------------------------------------------------------------------------- 68 69-- 70-- status information 71-- 72 73pfStatusRunning OBJECT-TYPE 74 SYNTAX TruthValue 75 MAX-ACCESS read-only 76 STATUS current 77 DESCRIPTION 78 "True if pf is currently enabled." 79 ::= { pfStatus 1 } 80 81pfStatusRuntime OBJECT-TYPE 82 SYNTAX TimeTicks 83 UNITS "1/100th of a Second" 84 MAX-ACCESS read-only 85 STATUS current 86 DESCRIPTION 87 "Indicates how long pf has been enabled. If pf is not currently 88 enabled, indicates how long it has been disabled. If pf has not 89 been enabled or disabled since the system was started, the value 90 will be 0." 91 ::= { pfStatus 2 } 92 93pfStatusDebug OBJECT-TYPE 94 SYNTAX INTEGER { none(0), urgent(1), misc(2), loud(3) } 95 MAX-ACCESS read-only 96 STATUS current 97 DESCRIPTION 98 "Indicates the debug level at which pf is running." 99 ::= { pfStatus 3 } 100 101pfStatusHostId OBJECT-TYPE 102 SYNTAX OCTET STRING 103 MAX-ACCESS read-only 104 STATUS current 105 DESCRIPTION 106 "The (unique) host identifier of the machine running pf." 107 ::= { pfStatus 4 } 108 109-- -------------------------------------------------------------------------- 110 111-- 112-- counters 113-- 114 115pfCounterMatch OBJECT-TYPE 116 SYNTAX Counter64 117 MAX-ACCESS read-only 118 STATUS current 119 DESCRIPTION 120 "Number of packets that matched a filter rule." 121 ::= { pfCounter 1 } 122 123pfCounterBadOffset OBJECT-TYPE 124 SYNTAX Counter64 125 MAX-ACCESS read-only 126 STATUS current 127 DESCRIPTION 128 "Number of packets with bad offset." 129 ::= { pfCounter 2 } 130 131pfCounterFragment OBJECT-TYPE 132 SYNTAX Counter64 133 MAX-ACCESS read-only 134 STATUS current 135 DESCRIPTION 136 "Number of fragmented packets." 137 ::= { pfCounter 3 } 138 139pfCounterShort OBJECT-TYPE 140 SYNTAX Counter64 141 MAX-ACCESS read-only 142 STATUS current 143 DESCRIPTION 144 "Number of short packets." 145 ::= { pfCounter 4 } 146 147pfCounterNormalize OBJECT-TYPE 148 SYNTAX Counter64 149 MAX-ACCESS read-only 150 STATUS current 151 DESCRIPTION 152 "Number of normalized packets." 153 ::= { pfCounter 5 } 154 155pfCounterMemDrop OBJECT-TYPE 156 SYNTAX Counter64 157 MAX-ACCESS read-only 158 STATUS current 159 DESCRIPTION 160 "Number of packets dropped due to memory limitations." 161 ::= { pfCounter 6 } 162 163-- -------------------------------------------------------------------------- 164 165-- 166-- state table 167-- 168 169pfStateTableCount OBJECT-TYPE 170 SYNTAX Unsigned32 171 MAX-ACCESS read-only 172 STATUS current 173 DESCRIPTION 174 "Number of entries in the state table." 175 ::= { pfStateTable 1 } 176 177pfStateTableSearches OBJECT-TYPE 178 SYNTAX Counter64 179 MAX-ACCESS read-only 180 STATUS current 181 DESCRIPTION 182 "Number of searches against the state table." 183 ::= { pfStateTable 2 } 184 185pfStateTableInserts OBJECT-TYPE 186 SYNTAX Counter64 187 MAX-ACCESS read-only 188 STATUS current 189 DESCRIPTION 190 "Number of entries inserted into the state table." 191 ::= { pfStateTable 3 } 192 193pfStateTableRemovals OBJECT-TYPE 194 SYNTAX Counter64 195 MAX-ACCESS read-only 196 STATUS current 197 DESCRIPTION 198 "Number of entries removed from the state table." 199 ::= { pfStateTable 4 } 200 201-- -------------------------------------------------------------------------- 202 203-- 204-- source nodes 205-- 206 207pfSrcNodesCount OBJECT-TYPE 208 SYNTAX Unsigned32 209 MAX-ACCESS read-only 210 STATUS current 211 DESCRIPTION 212 "Number of entries in the source tracking table." 213 ::= { pfSrcNodes 1 } 214 215pfSrcNodesSearches OBJECT-TYPE 216 SYNTAX Counter64 217 MAX-ACCESS read-only 218 STATUS current 219 DESCRIPTION 220 "Number of searches against the source tracking table." 221 ::= { pfSrcNodes 2 } 222 223pfSrcNodesInserts OBJECT-TYPE 224 SYNTAX Counter64 225 MAX-ACCESS read-only 226 STATUS current 227 DESCRIPTION 228 "Number of entries inserted into the source tracking table." 229 ::= { pfSrcNodes 3 } 230 231pfSrcNodesRemovals OBJECT-TYPE 232 SYNTAX Counter64 233 MAX-ACCESS read-only 234 STATUS current 235 DESCRIPTION 236 "Number of entries removed from the source tracking table." 237 ::= { pfSrcNodes 4 } 238 239-- -------------------------------------------------------------------------- 240 241-- 242-- limits 243-- 244 245pfLimitsStates OBJECT-TYPE 246 SYNTAX Unsigned32 247 MAX-ACCESS read-only 248 STATUS current 249 DESCRIPTION 250 "Maximum number of 'keep state' rules in the ruleset." 251 ::= { pfLimits 1 } 252 253pfLimitsSrcNodes OBJECT-TYPE 254 SYNTAX Unsigned32 255 MAX-ACCESS read-only 256 STATUS current 257 DESCRIPTION 258 "Maximum number of 'sticky-address' or 'source-track' rules 259 in the ruleset." 260 ::= { pfLimits 2 } 261 262pfLimitsFrags OBJECT-TYPE 263 SYNTAX Unsigned32 264 MAX-ACCESS read-only 265 STATUS current 266 DESCRIPTION 267 "Maximum number of 'scrub' rules in the ruleset." 268 ::= { pfLimits 3 } 269 270-- -------------------------------------------------------------------------- 271 272-- 273-- timeouts 274-- 275 276pfTimeoutsTcpFirst OBJECT-TYPE 277 SYNTAX Integer32 278 MAX-ACCESS read-only 279 STATUS current 280 DESCRIPTION 281 "State after the first packet in a connection." 282 ::= { pfTimeouts 1 } 283 284pfTimeoutsTcpOpening OBJECT-TYPE 285 SYNTAX Integer32 286 MAX-ACCESS read-only 287 STATUS current 288 DESCRIPTION 289 "State before the destination host ever sends a packet." 290 ::= { pfTimeouts 2 } 291 292pfTimeoutsTcpEstablished OBJECT-TYPE 293 SYNTAX Integer32 294 MAX-ACCESS read-only 295 STATUS current 296 DESCRIPTION 297 "The fully established state." 298 ::= { pfTimeouts 3 } 299 300pfTimeoutsTcpClosing OBJECT-TYPE 301 SYNTAX Integer32 302 MAX-ACCESS read-only 303 STATUS current 304 DESCRIPTION 305 "State after the first FIN has been sent." 306 ::= { pfTimeouts 4 } 307 308pfTimeoutsTcpFinWait OBJECT-TYPE 309 SYNTAX Integer32 310 MAX-ACCESS read-only 311 STATUS current 312 DESCRIPTION 313 "State after both FINs have been exchanged and the 314 connection is closed." 315 ::= { pfTimeouts 5 } 316 317pfTimeoutsTcpClosed OBJECT-TYPE 318 SYNTAX Integer32 319 MAX-ACCESS read-only 320 STATUS current 321 DESCRIPTION 322 "State after one endpoint sends an RST." 323 ::= { pfTimeouts 6 } 324 325pfTimeoutsUdpFirst OBJECT-TYPE 326 SYNTAX Integer32 327 MAX-ACCESS read-only 328 STATUS current 329 DESCRIPTION 330 "State after the first packet." 331 ::= { pfTimeouts 7 } 332 333pfTimeoutsUdpSingle OBJECT-TYPE 334 SYNTAX Integer32 335 MAX-ACCESS read-only 336 STATUS current 337 DESCRIPTION 338 "State if the source host sends more than one packet but 339 the destination host has never sent one back." 340 ::= { pfTimeouts 8 } 341 342pfTimeoutsUdpMultiple OBJECT-TYPE 343 SYNTAX Integer32 344 MAX-ACCESS read-only 345 STATUS current 346 DESCRIPTION 347 "State if both hosts have sent packets." 348 ::= { pfTimeouts 9 } 349 350pfTimeoutsIcmpFirst OBJECT-TYPE 351 SYNTAX Integer32 352 MAX-ACCESS read-only 353 STATUS current 354 DESCRIPTION 355 "State after the first packet." 356 ::= { pfTimeouts 10 } 357 358pfTimeoutsIcmpError OBJECT-TYPE 359 SYNTAX Integer32 360 MAX-ACCESS read-only 361 STATUS current 362 DESCRIPTION 363 "State after an ICMP error came back in response to an 364 ICMP packet." 365 ::= { pfTimeouts 11 } 366 367pfTimeoutsOtherFirst OBJECT-TYPE 368 SYNTAX Integer32 369 MAX-ACCESS read-only 370 STATUS current 371 DESCRIPTION 372 "State after the first packet." 373 ::= { pfTimeouts 12 } 374 375pfTimeoutsOtherSingle OBJECT-TYPE 376 SYNTAX Integer32 377 MAX-ACCESS read-only 378 STATUS current 379 DESCRIPTION 380 "State if the source host sends more than one packet but 381 the destination host has never sent one back." 382 ::= { pfTimeouts 13 } 383 384pfTimeoutsOtherMultiple OBJECT-TYPE 385 SYNTAX Integer32 386 MAX-ACCESS read-only 387 STATUS current 388 DESCRIPTION 389 "State if both hosts have sent packets." 390 ::= { pfTimeouts 14 } 391 392pfTimeoutsFragment OBJECT-TYPE 393 SYNTAX Integer32 394 MAX-ACCESS read-only 395 STATUS current 396 DESCRIPTION 397 "Seconds before an unassembled fragment is expired." 398 ::= { pfTimeouts 15 } 399 400pfTimeoutsInterval OBJECT-TYPE 401 SYNTAX Integer32 402 MAX-ACCESS read-only 403 STATUS current 404 DESCRIPTION 405 "Interval between purging expired states and fragments." 406 ::= { pfTimeouts 16 } 407 408pfTimeoutsAdaptiveStart OBJECT-TYPE 409 SYNTAX Integer32 410 MAX-ACCESS read-only 411 STATUS current 412 DESCRIPTION 413 "When the number of state entries exceeds this value, 414 adaptive scaling begins." 415 ::= { pfTimeouts 17 } 416 417pfTimeoutsAdaptiveEnd OBJECT-TYPE 418 SYNTAX Integer32 419 MAX-ACCESS read-only 420 STATUS current 421 DESCRIPTION 422 "When reaching this number of state entries, all timeout 423 values become zero, effectively purging all state entries 424 immediately." 425 ::= { pfTimeouts 18 } 426 427pfTimeoutsSrcNode OBJECT-TYPE 428 SYNTAX Integer32 429 MAX-ACCESS read-only 430 STATUS current 431 DESCRIPTION 432 "Length of time to retain a source tracking entry after 433 the last state expires." 434 ::= { pfTimeouts 19 } 435 436-- -------------------------------------------------------------------------- 437 438-- 439-- log interface 440-- 441 442pfLogInterfaceName OBJECT-TYPE 443 SYNTAX OCTET STRING 444 MAX-ACCESS read-only 445 STATUS current 446 DESCRIPTION 447 "The name of the interface configured with 'set loginterface'. 448 If no interface has been configured, the object will be empty." 449 ::= { pfLogInterface 1 } 450 451pfLogInterfaceIp4BytesIn OBJECT-TYPE 452 SYNTAX Counter64 453 MAX-ACCESS read-only 454 STATUS current 455 DESCRIPTION 456 "Number of IPv4 bytes passed in on the loginterface." 457 ::= { pfLogInterface 2 } 458 459pfLogInterfaceIp4BytesOut OBJECT-TYPE 460 SYNTAX Counter64 461 MAX-ACCESS read-only 462 STATUS current 463 DESCRIPTION 464 "Number of IPv4 bytes passed out on the loginterface." 465 ::= { pfLogInterface 3 } 466 467pfLogInterfaceIp4PktsInPass OBJECT-TYPE 468 SYNTAX Counter64 469 MAX-ACCESS read-only 470 STATUS current 471 DESCRIPTION 472 "Number of IPv4 packets passed in on the loginterface." 473 ::= { pfLogInterface 4 } 474 475pfLogInterfaceIp4PktsInDrop OBJECT-TYPE 476 SYNTAX Counter64 477 MAX-ACCESS read-only 478 STATUS current 479 DESCRIPTION 480 "Number of IPv4 packets dropped coming in on the loginterface." 481 ::= { pfLogInterface 5 } 482 483pfLogInterfaceIp4PktsOutPass OBJECT-TYPE 484 SYNTAX Counter64 485 MAX-ACCESS read-only 486 STATUS current 487 DESCRIPTION 488 "Number of IPv4 packets passed out on the loginterface." 489 ::= { pfLogInterface 6 } 490 491pfLogInterfaceIp4PktsOutDrop OBJECT-TYPE 492 SYNTAX Counter64 493 MAX-ACCESS read-only 494 STATUS current 495 DESCRIPTION 496 "Number of IPv4 packets dropped going out on the loginterface." 497 ::= { pfLogInterface 7 } 498 499pfLogInterfaceIp6BytesIn OBJECT-TYPE 500 SYNTAX Counter64 501 MAX-ACCESS read-only 502 STATUS current 503 DESCRIPTION 504 "Number of IPv6 bytes passed in on the loginterface." 505 ::= { pfLogInterface 8 } 506 507pfLogInterfaceIp6BytesOut OBJECT-TYPE 508 SYNTAX Counter64 509 MAX-ACCESS read-only 510 STATUS current 511 DESCRIPTION 512 "Number of IPv6 bytes passed out on the loginterface." 513 ::= { pfLogInterface 9 } 514 515pfLogInterfaceIp6PktsInPass OBJECT-TYPE 516 SYNTAX Counter64 517 MAX-ACCESS read-only 518 STATUS current 519 DESCRIPTION 520 "Number of IPv6 packets passed in on the loginterface." 521 ::= { pfLogInterface 10 } 522 523pfLogInterfaceIp6PktsInDrop OBJECT-TYPE 524 SYNTAX Counter64 525 MAX-ACCESS read-only 526 STATUS current 527 DESCRIPTION 528 "Number of IPv6 packets dropped coming in on the loginterface." 529 ::= { pfLogInterface 11 } 530 531pfLogInterfaceIp6PktsOutPass OBJECT-TYPE 532 SYNTAX Counter64 533 MAX-ACCESS read-only 534 STATUS current 535 DESCRIPTION 536 "Number of IPv6 packets passed out on the loginterface." 537 ::= { pfLogInterface 12 } 538 539pfLogInterfaceIp6PktsOutDrop OBJECT-TYPE 540 SYNTAX Counter64 541 MAX-ACCESS read-only 542 STATUS current 543 DESCRIPTION 544 "Number of IPv6 packets dropped going out on the loginterface." 545 ::= { pfLogInterface 13 } 546 547-- -------------------------------------------------------------------------- 548 549-- 550-- interfaces 551-- 552 553pfInterfacesIfNumber OBJECT-TYPE 554 SYNTAX Integer32 555 MAX-ACCESS read-only 556 STATUS current 557 DESCRIPTION 558 "The number of network interfaces on this system." 559 ::= { pfInterfaces 1 } 560 561pfInterfacesIfTable OBJECT-TYPE 562 SYNTAX SEQUENCE OF PfInterfacesIfEntry 563 MAX-ACCESS not-accessible 564 STATUS current 565 DESCRIPTION 566 "Table of network interfaces, indexed on pfInterfacesIfNumber." 567 ::= { pfInterfaces 2 } 568 569pfInterfacesIfEntry OBJECT-TYPE 570 SYNTAX PfInterfacesIfEntry 571 MAX-ACCESS not-accessible 572 STATUS current 573 DESCRIPTION 574 "An entry in the pfInterfacesIfTable containing information 575 about a particular network interface in the machine." 576 INDEX { pfInterfacesIfIndex } 577 ::= { pfInterfacesIfTable 1 } 578 579PfInterfacesIfEntry ::= SEQUENCE { 580 pfInterfacesIfIndex Integer32, 581 pfInterfacesIfDescr OCTET STRING, 582 pfInterfacesIfType INTEGER, 583 pfInterfacesIfTZero TimeTicks, 584 pfInterfacesIfRefsState Unsigned32, 585 pfInterfacesIfRefsRule Unsigned32, 586 pfInterfacesIf4BytesInPass Counter64, 587 pfInterfacesIf4BytesInBlock Counter64, 588 pfInterfacesIf4BytesOutPass Counter64, 589 pfInterfacesIf4BytesOutBlock Counter64, 590 pfInterfacesIf4PktsInPass Counter64, 591 pfInterfacesIf4PktsInBlock Counter64, 592 pfInterfacesIf4PktsOutPass Counter64, 593 pfInterfacesIf4PktsOutBlock Counter64, 594 pfInterfacesIf6BytesInPass Counter64, 595 pfInterfacesIf6BytesInBlock Counter64, 596 pfInterfacesIf6BytesOutPass Counter64, 597 pfInterfacesIf6BytesOutBlock Counter64, 598 pfInterfacesIf6PktsInPass Counter64, 599 pfInterfacesIf6PktsInBlock Counter64, 600 pfInterfacesIf6PktsOutPass Counter64, 601 pfInterfacesIf6PktsOutBlock Counter64 602} 603 604pfInterfacesIfIndex OBJECT-TYPE 605 SYNTAX Integer32 (1..2147483647) 606 MAX-ACCESS not-accessible 607 STATUS current 608 DESCRIPTION 609 "A unique value, greater than zero, for each interface." 610 ::= { pfInterfacesIfEntry 1 } 611 612pfInterfacesIfDescr OBJECT-TYPE 613 SYNTAX OCTET STRING 614 MAX-ACCESS read-only 615 STATUS current 616 DESCRIPTION 617 "The name of the interface." 618 ::= { pfInterfacesIfEntry 2 } 619 620pfInterfacesIfType OBJECT-TYPE 621 SYNTAX INTEGER { group(0), instance(1), detached(2) } 622 MAX-ACCESS read-only 623 STATUS current 624 DESCRIPTION 625 "Indicates whether the interface is a group inteface, an 626 interface instance, or whether it has been removed or 627 destroyed." 628 ::= { pfInterfacesIfEntry 3 } 629 630pfInterfacesIfTZero OBJECT-TYPE 631 SYNTAX TimeTicks 632 UNITS "1/100th of a Second" 633 MAX-ACCESS read-only 634 STATUS current 635 DESCRIPTION 636 "Time since statistics were last reset or since the 637 interface was loaded." 638 ::= { pfInterfacesIfEntry 4 } 639 640pfInterfacesIfRefsState OBJECT-TYPE 641 SYNTAX Unsigned32 642 MAX-ACCESS read-only 643 STATUS current 644 DESCRIPTION 645 "The number of state and/or source track entries referencing 646 this interface." 647 ::= { pfInterfacesIfEntry 5 } 648 649pfInterfacesIfRefsRule OBJECT-TYPE 650 SYNTAX Unsigned32 651 MAX-ACCESS read-only 652 STATUS current 653 DESCRIPTION 654 "The number of rules referencing this interface." 655 ::= { pfInterfacesIfEntry 6 } 656 657pfInterfacesIf4BytesInPass OBJECT-TYPE 658 SYNTAX Counter64 659 MAX-ACCESS read-only 660 STATUS current 661 DESCRIPTION 662 "The number of IPv4 bytes passed coming in on this interface." 663 ::= { pfInterfacesIfEntry 7 } 664 665pfInterfacesIf4BytesInBlock OBJECT-TYPE 666 SYNTAX Counter64 667 MAX-ACCESS read-only 668 STATUS current 669 DESCRIPTION 670 "The number of IPv4 bytes blocked coming in on this interface." 671 ::= { pfInterfacesIfEntry 8 } 672 673pfInterfacesIf4BytesOutPass OBJECT-TYPE 674 SYNTAX Counter64 675 MAX-ACCESS read-only 676 STATUS current 677 DESCRIPTION 678 "The number of IPv4 bytes passed going out on this interface." 679 ::= { pfInterfacesIfEntry 9 } 680 681pfInterfacesIf4BytesOutBlock OBJECT-TYPE 682 SYNTAX Counter64 683 MAX-ACCESS read-only 684 STATUS current 685 DESCRIPTION 686 "The number of IPv4 bytes blocked going out on this interface." 687 ::= { pfInterfacesIfEntry 10 } 688 689pfInterfacesIf4PktsInPass OBJECT-TYPE 690 SYNTAX Counter64 691 MAX-ACCESS read-only 692 STATUS current 693 DESCRIPTION 694 "The number of IPv4 packets passed coming in on this interface." 695 ::= { pfInterfacesIfEntry 11 } 696 697pfInterfacesIf4PktsInBlock OBJECT-TYPE 698 SYNTAX Counter64 699 MAX-ACCESS read-only 700 STATUS current 701 DESCRIPTION 702 "The number of IPv4 packets blocked coming in on this interface." 703 ::= { pfInterfacesIfEntry 12 } 704 705pfInterfacesIf4PktsOutPass OBJECT-TYPE 706 SYNTAX Counter64 707 MAX-ACCESS read-only 708 STATUS current 709 DESCRIPTION 710 "The number of IPv4 packets passed going out on this interface." 711 ::= { pfInterfacesIfEntry 13 } 712 713pfInterfacesIf4PktsOutBlock OBJECT-TYPE 714 SYNTAX Counter64 715 MAX-ACCESS read-only 716 STATUS current 717 DESCRIPTION 718 "The number of IPv4 packets blocked going out on this interface." 719 ::= { pfInterfacesIfEntry 14 } 720 721pfInterfacesIf6BytesInPass OBJECT-TYPE 722 SYNTAX Counter64 723 MAX-ACCESS read-only 724 STATUS current 725 DESCRIPTION 726 "The number of IPv6 bytes passed coming in on this interface." 727 ::= { pfInterfacesIfEntry 15 } 728 729pfInterfacesIf6BytesInBlock OBJECT-TYPE 730 SYNTAX Counter64 731 MAX-ACCESS read-only 732 STATUS current 733 DESCRIPTION 734 "The number of IPv6 bytes blocked coming in on this interface." 735 ::= { pfInterfacesIfEntry 16 } 736 737pfInterfacesIf6BytesOutPass OBJECT-TYPE 738 SYNTAX Counter64 739 MAX-ACCESS read-only 740 STATUS current 741 DESCRIPTION 742 "The number of IPv6 bytes passed going out on this interface." 743 ::= { pfInterfacesIfEntry 17 } 744 745pfInterfacesIf6BytesOutBlock OBJECT-TYPE 746 SYNTAX Counter64 747 MAX-ACCESS read-only 748 STATUS current 749 DESCRIPTION 750 "The number of IPv6 bytes blocked going out on this interface." 751 ::= { pfInterfacesIfEntry 18 } 752 753 754pfInterfacesIf6PktsInPass OBJECT-TYPE 755 SYNTAX Counter64 756 MAX-ACCESS read-only 757 STATUS current 758 DESCRIPTION 759 "The number of IPv6 packets passed coming in on this interface." 760 ::= { pfInterfacesIfEntry 19 } 761 762pfInterfacesIf6PktsInBlock OBJECT-TYPE 763 SYNTAX Counter64 764 MAX-ACCESS read-only 765 STATUS current 766 DESCRIPTION 767 "The number of IPv6 packets blocked coming in on this interface." 768 ::= { pfInterfacesIfEntry 20 } 769 770pfInterfacesIf6PktsOutPass OBJECT-TYPE 771 SYNTAX Counter64 772 MAX-ACCESS read-only 773 STATUS current 774 DESCRIPTION 775 "The number of IPv6 packets passed going out on this interface." 776 ::= { pfInterfacesIfEntry 21 } 777 778pfInterfacesIf6PktsOutBlock OBJECT-TYPE 779 SYNTAX Counter64 780 MAX-ACCESS read-only 781 STATUS current 782 DESCRIPTION 783 "The number of IPv6 packets blocked going out on this interface." 784 ::= { pfInterfacesIfEntry 22 } 785 786-- -------------------------------------------------------------------------- 787 788-- 789-- tables 790-- 791 792pfTablesTblNumber OBJECT-TYPE 793 SYNTAX Integer32 794 MAX-ACCESS read-only 795 STATUS current 796 DESCRIPTION 797 "The number of tables on this system." 798 ::= { pfTables 1 } 799 800pfTablesTblTable OBJECT-TYPE 801 SYNTAX SEQUENCE OF PfTablesTblEntry 802 MAX-ACCESS not-accessible 803 STATUS current 804 DESCRIPTION 805 "Table of tables, index on pfTablesTblIndex." 806 ::= { pfTables 2 } 807 808pfTablesTblEntry OBJECT-TYPE 809 SYNTAX PfTablesTblEntry 810 MAX-ACCESS not-accessible 811 STATUS current 812 DESCRIPTION 813 "Any entry in the pfTablesTblTable containing information 814 about a particular table on the system." 815 INDEX { pfTablesTblIndex } 816 ::= { pfTablesTblTable 1 } 817 818PfTablesTblEntry ::= SEQUENCE { 819 pfTablesTblIndex Integer32, 820 pfTablesTblDescr OCTET STRING, 821 pfTablesTblCount Integer32, 822 pfTablesTblTZero TimeTicks, 823 pfTablesTblRefsAnchor Integer32, 824 pfTablesTblRefsRule Integer32, 825 pfTablesTblEvalMatch Counter64, 826 pfTablesTblEvalNoMatch Counter64, 827 pfTablesTblBytesInPass Counter64, 828 pfTablesTblBytesInBlock Counter64, 829 pfTablesTblBytesInXPass Counter64, 830 pfTablesTblBytesOutPass Counter64, 831 pfTablesTblBytesOutBlock Counter64, 832 pfTablesTblBytesOutXPass Counter64, 833 pfTablesTblPktsInPass Counter64, 834 pfTablesTblPktsInBlock Counter64, 835 pfTablesTblPktsInXPass Counter64, 836 pfTablesTblPktsOutPass Counter64, 837 pfTablesTblPktsOutBlock Counter64, 838 pfTablesTblPktsOutXPass Counter64 839} 840 841pfTablesTblIndex OBJECT-TYPE 842 SYNTAX Integer32 (1..2147483647) 843 MAX-ACCESS not-accessible 844 STATUS current 845 DESCRIPTION 846 "A unique value, greater than zero, for each table." 847 ::= { pfTablesTblEntry 1 } 848 849pfTablesTblDescr OBJECT-TYPE 850 SYNTAX OCTET STRING 851 MAX-ACCESS read-only 852 STATUS current 853 DESCRIPTION 854 "The name of the table." 855 ::= { pfTablesTblEntry 2 } 856 857pfTablesTblCount OBJECT-TYPE 858 SYNTAX Integer32 859 MAX-ACCESS read-only 860 STATUS current 861 DESCRIPTION 862 "The number of addresses in the table." 863 ::= { pfTablesTblEntry 3 } 864 865pfTablesTblTZero OBJECT-TYPE 866 SYNTAX TimeTicks 867 UNITS "1/100th of a Second" 868 MAX-ACCESS read-only 869 STATUS current 870 DESCRIPTION 871 "The time passed since the statistics of this table were last 872 cleared or the time since this table was loaded, whichever is 873 sooner." 874 ::= { pfTablesTblEntry 4 } 875 876pfTablesTblRefsAnchor OBJECT-TYPE 877 SYNTAX Integer32 878 MAX-ACCESS read-only 879 STATUS current 880 DESCRIPTION 881 "The number of anchors referencing this table." 882 ::= { pfTablesTblEntry 5 } 883 884pfTablesTblRefsRule OBJECT-TYPE 885 SYNTAX Integer32 886 MAX-ACCESS read-only 887 STATUS current 888 DESCRIPTION 889 "The number of rules referencing this table." 890 ::= { pfTablesTblEntry 6 } 891 892pfTablesTblEvalMatch OBJECT-TYPE 893 SYNTAX Counter64 894 MAX-ACCESS read-only 895 STATUS current 896 DESCRIPTION 897 "The number of evaluations returning a match." 898 ::= { pfTablesTblEntry 7 } 899 900pfTablesTblEvalNoMatch OBJECT-TYPE 901 SYNTAX Counter64 902 MAX-ACCESS read-only 903 STATUS current 904 DESCRIPTION 905 "The number of evaluations not returning a match." 906 ::= { pfTablesTblEntry 8 } 907 908pfTablesTblBytesInPass OBJECT-TYPE 909 SYNTAX Counter64 910 MAX-ACCESS read-only 911 STATUS current 912 DESCRIPTION 913 "The number of bytes passed in matching the table." 914 ::= { pfTablesTblEntry 9 } 915 916pfTablesTblBytesInBlock OBJECT-TYPE 917 SYNTAX Counter64 918 MAX-ACCESS read-only 919 STATUS current 920 DESCRIPTION 921 "The number of bytes blocked coming in matching the table." 922 ::= { pfTablesTblEntry 10 } 923 924pfTablesTblBytesInXPass OBJECT-TYPE 925 SYNTAX Counter64 926 MAX-ACCESS read-only 927 STATUS current 928 DESCRIPTION 929 "The number of bytes statefully passed in where the state 930 entry refers to the table, but the table no longer contains 931 the address in question." 932 ::= { pfTablesTblEntry 11 } 933 934pfTablesTblBytesOutPass OBJECT-TYPE 935 SYNTAX Counter64 936 MAX-ACCESS read-only 937 STATUS current 938 DESCRIPTION 939 "The number of bytes passed out matching the table." 940 ::= { pfTablesTblEntry 12 } 941 942pfTablesTblBytesOutBlock OBJECT-TYPE 943 SYNTAX Counter64 944 MAX-ACCESS read-only 945 STATUS current 946 DESCRIPTION 947 "The number of bytes blocked going out matching the table." 948 ::= { pfTablesTblEntry 13 } 949 950pfTablesTblBytesOutXPass OBJECT-TYPE 951 SYNTAX Counter64 952 MAX-ACCESS read-only 953 STATUS current 954 DESCRIPTION 955 "The number of bytes statefully passed out where the state 956 entry refers to the table, but the table no longer contains 957 the address in question." 958 ::= { pfTablesTblEntry 14 } 959 960pfTablesTblPktsInPass OBJECT-TYPE 961 SYNTAX Counter64 962 MAX-ACCESS read-only 963 STATUS current 964 DESCRIPTION 965 "The number of packets passed in matching the table." 966 ::= { pfTablesTblEntry 15 } 967 968pfTablesTblPktsInBlock OBJECT-TYPE 969 SYNTAX Counter64 970 MAX-ACCESS read-only 971 STATUS current 972 DESCRIPTION 973 "The number of packets blocked coming in matching the table." 974 ::= { pfTablesTblEntry 16 } 975 976pfTablesTblPktsInXPass OBJECT-TYPE 977 SYNTAX Counter64 978 MAX-ACCESS read-only 979 STATUS current 980 DESCRIPTION 981 "The number of packets statefully passed in where the state 982 entry refers to the table, but the table no longer contains 983 the address in question." 984 ::= { pfTablesTblEntry 17 } 985 986pfTablesTblPktsOutPass OBJECT-TYPE 987 SYNTAX Counter64 988 MAX-ACCESS read-only 989 STATUS current 990 DESCRIPTION 991 "The number of packets passed out matching the table." 992 ::= { pfTablesTblEntry 18 } 993 994pfTablesTblPktsOutBlock OBJECT-TYPE 995 SYNTAX Counter64 996 MAX-ACCESS read-only 997 STATUS current 998 DESCRIPTION 999 "The number of packets blocked going out matching the table." 1000 ::= { pfTablesTblEntry 19 } 1001 1002pfTablesTblPktsOutXPass OBJECT-TYPE 1003 SYNTAX Counter64 1004 MAX-ACCESS read-only 1005 STATUS current 1006 DESCRIPTION 1007 "The number of packets statefully passed out where the state 1008 entry refers to the table, but the table no longer contains 1009 the address in question." 1010 ::= { pfTablesTblEntry 20 } 1011 1012pfTablesAddrTable OBJECT-TYPE 1013 SYNTAX SEQUENCE OF PfTablesAddrEntry 1014 MAX-ACCESS not-accessible 1015 STATUS current 1016 DESCRIPTION 1017 "Table of addresses from every table on the system." 1018 ::= { pfTables 3 } 1019 1020pfTablesAddrEntry OBJECT-TYPE 1021 SYNTAX PfTablesAddrEntry 1022 MAX-ACCESS not-accessible 1023 STATUS current 1024 DESCRIPTION 1025 "An entry in the pfTablesAddrTable containing information 1026 about a particular entry in a table." 1027 INDEX { pfTablesAddrIndex } 1028 ::= { pfTablesAddrTable 1 } 1029 1030PfTablesAddrEntry ::= SEQUENCE { 1031 pfTablesAddrIndex Integer32, 1032 pfTablesAddrNetType InetAddressType, 1033 pfTablesAddrNet InetAddress, 1034 pfTablesAddrPrefix InetAddressPrefixLength, 1035 pfTablesAddrTZero TimeTicks, 1036 pfTablesAddrBytesInPass Counter64, 1037 pfTablesAddrBytesInBlock Counter64, 1038 pfTablesAddrBytesOutPass Counter64, 1039 pfTablesAddrBytesOutBlock Counter64, 1040 pfTablesAddrPktsInPass Counter64, 1041 pfTablesAddrPktsInBlock Counter64, 1042 pfTablesAddrPktsOutPass Counter64, 1043 pfTablesAddrPktsOutBlock Counter64 1044} 1045 1046pfTablesAddrIndex OBJECT-TYPE 1047 SYNTAX Integer32 (1..2147483647) 1048 MAX-ACCESS not-accessible 1049 STATUS current 1050 DESCRIPTION 1051 "A unique value, greater than zero, for each address." 1052 ::= { pfTablesAddrEntry 1 } 1053 1054pfTablesAddrNetType OBJECT-TYPE 1055 SYNTAX InetAddressType 1056 MAX-ACCESS read-only 1057 STATUS current 1058 DESCRIPTION 1059 "The type of address in the corresponding pfTablesAddrNet object." 1060 ::= { pfTablesAddrEntry 2 } 1061 1062pfTablesAddrNet OBJECT-TYPE 1063 SYNTAX InetAddress 1064 MAX-ACCESS read-only 1065 STATUS current 1066 DESCRIPTION 1067 "The IP address of this particular table entry." 1068 ::= { pfTablesAddrEntry 3 } 1069 1070pfTablesAddrPrefix OBJECT-TYPE 1071 SYNTAX InetAddressPrefixLength 1072 MAX-ACCESS read-only 1073 STATUS current 1074 DESCRIPTION 1075 "The CIDR netmask of this particular table entry." 1076 ::= { pfTablesAddrEntry 4 } 1077 1078pfTablesAddrTZero OBJECT-TYPE 1079 SYNTAX TimeTicks 1080 UNITS "1/100th of a Second" 1081 MAX-ACCESS read-only 1082 STATUS current 1083 DESCRIPTION 1084 "The time passed since this entry's statistics were last 1085 cleared, or the time passed since this entry was loaded 1086 into the table, whichever is sooner." 1087 ::= { pfTablesAddrEntry 5 } 1088 1089pfTablesAddrBytesInPass OBJECT-TYPE 1090 SYNTAX Counter64 1091 MAX-ACCESS read-only 1092 STATUS current 1093 DESCRIPTION 1094 "The number of inbound bytes passed as a result of this entry." 1095 ::= { pfTablesAddrEntry 6 } 1096 1097pfTablesAddrBytesInBlock OBJECT-TYPE 1098 SYNTAX Counter64 1099 MAX-ACCESS read-only 1100 STATUS current 1101 DESCRIPTION 1102 "The number of inbound bytes blocked as a result of this entry." 1103 ::= { pfTablesAddrEntry 7 } 1104 1105pfTablesAddrBytesOutPass OBJECT-TYPE 1106 SYNTAX Counter64 1107 MAX-ACCESS read-only 1108 STATUS current 1109 DESCRIPTION 1110 "The number of outbound bytes passed as a result of this entry." 1111 ::= { pfTablesAddrEntry 8 } 1112 1113pfTablesAddrBytesOutBlock OBJECT-TYPE 1114 SYNTAX Counter64 1115 MAX-ACCESS read-only 1116 STATUS current 1117 DESCRIPTION 1118 "The number of outbound bytes blocked as a result of this entry." 1119 ::= { pfTablesAddrEntry 9 } 1120 1121pfTablesAddrPktsInPass OBJECT-TYPE 1122 SYNTAX Counter64 1123 MAX-ACCESS read-only 1124 STATUS current 1125 DESCRIPTION 1126 "The number of inbound packets passed as a result of this entry." 1127 ::= { pfTablesAddrEntry 10 } 1128 1129pfTablesAddrPktsInBlock OBJECT-TYPE 1130 SYNTAX Counter64 1131 MAX-ACCESS read-only 1132 STATUS current 1133 DESCRIPTION 1134 "The number of inbound packets blocked as a result of this entry." 1135 ::= { pfTablesAddrEntry 11 } 1136 1137pfTablesAddrPktsOutPass OBJECT-TYPE 1138 SYNTAX Counter64 1139 MAX-ACCESS read-only 1140 STATUS current 1141 DESCRIPTION 1142 "The number of outbound packets passed as a result of this entry." 1143 ::= { pfTablesAddrEntry 12 } 1144 1145pfTablesAddrPktsOutBlock OBJECT-TYPE 1146 SYNTAX Counter64 1147 MAX-ACCESS read-only 1148 STATUS current 1149 DESCRIPTION 1150 "The number of outbound packets blocked as a result of this 1151 entry." 1152 ::= { pfTablesAddrEntry 13 } 1153 1154-- -------------------------------------------------------------------------- 1155 1156-- 1157-- Altq information 1158-- 1159 1160pfAltqQueueNumber OBJECT-TYPE 1161 SYNTAX Unsigned32 1162 MAX-ACCESS read-only 1163 STATUS current 1164 DESCRIPTION 1165 "The number of queues in the active set." 1166 ::= { pfAltq 1 } 1167 1168pfAltqQueueTable OBJECT-TYPE 1169 SYNTAX SEQUENCE OF PfAltqQueueEntry 1170 MAX-ACCESS not-accessible 1171 STATUS current 1172 DESCRIPTION 1173 "Table containing the rules that are active on this system." 1174 ::= { pfAltq 2 } 1175 1176pfAltqQueueEntry OBJECT-TYPE 1177 SYNTAX PfAltqQueueEntry 1178 MAX-ACCESS not-accessible 1179 STATUS current 1180 DESCRIPTION 1181 "An entry in the pfAltqQueueTable table." 1182 INDEX { pfAltqQueueIndex } 1183 ::= { pfAltqQueueTable 1 } 1184 1185PfAltqQueueEntry ::= SEQUENCE { 1186 pfAltqQueueIndex Integer32, 1187 pfAltqQueueDescr OCTET STRING, 1188 pfAltqQueueParent OCTET STRING, 1189 pfAltqQueueScheduler INTEGER, 1190 pfAltqQueueBandwidth Unsigned32, 1191 pfAltqQueuePriority Integer32, 1192 pfAltqQueueLimit Integer32 1193} 1194 1195pfAltqQueueIndex OBJECT-TYPE 1196 SYNTAX Integer32 (1..2147483647) 1197 MAX-ACCESS not-accessible 1198 STATUS current 1199 DESCRIPTION 1200 "A unique value, greater than zero, for each queue." 1201 ::= { pfAltqQueueEntry 1 } 1202 1203pfAltqQueueDescr OBJECT-TYPE 1204 SYNTAX OCTET STRING 1205 MAX-ACCESS read-only 1206 STATUS current 1207 DESCRIPTION 1208 "The name of the queue." 1209 ::= { pfAltqQueueEntry 2 } 1210 1211pfAltqQueueParent OBJECT-TYPE 1212 SYNTAX OCTET STRING 1213 MAX-ACCESS read-only 1214 STATUS current 1215 DESCRIPTION 1216 "Name of the queue's parent if it has one." 1217 ::= { pfAltqQueueEntry 3 } 1218 1219pfAltqQueueScheduler OBJECT-TYPE 1220 SYNTAX INTEGER { cbq(1), hfsc(8), priq(11) } 1221 MAX-ACCESS read-only 1222 STATUS current 1223 DESCRIPTION 1224 "Scheduler algorithm implemented by this queue." 1225 ::= { pfAltqQueueEntry 4 } 1226 1227pfAltqQueueBandwidth OBJECT-TYPE 1228 SYNTAX Unsigned32 1229 MAX-ACCESS read-only 1230 STATUS current 1231 DESCRIPTION 1232 "Bandwitch assigned to this queue." 1233 ::= { pfAltqQueueEntry 5 } 1234 1235pfAltqQueuePriority OBJECT-TYPE 1236 SYNTAX Integer32 1237 MAX-ACCESS read-only 1238 STATUS current 1239 DESCRIPTION 1240 "Priority level of the queue." 1241 ::= { pfAltqQueueEntry 6 } 1242 1243pfAltqQueueLimit OBJECT-TYPE 1244 SYNTAX Integer32 1245 MAX-ACCESS read-only 1246 STATUS current 1247 DESCRIPTION 1248 "Maximum number of packets in the queue." 1249 ::= { pfAltqQueueEntry 7 } 1250 1251pfLabelsLblNumber OBJECT-TYPE 1252 SYNTAX Integer32 1253 MAX-ACCESS read-only 1254 STATUS current 1255 DESCRIPTION 1256 "The number of labeled filter rules on this system." 1257 ::= { pfLabels 1 } 1258 1259pfLabelsLblTable OBJECT-TYPE 1260 SYNTAX SEQUENCE OF PfLabelsLblEntry 1261 MAX-ACCESS not-accessible 1262 STATUS current 1263 DESCRIPTION 1264 "Table of filter rules, index on pfLabelsLblIndex." 1265 ::= { pfLabels 2 } 1266 1267pfLabelsLblEntry OBJECT-TYPE 1268 SYNTAX PfLabelsLblEntry 1269 MAX-ACCESS not-accessible 1270 STATUS current 1271 DESCRIPTION 1272 "Any entry in the pfLabelsLblTable containing information 1273 about a particular filter rule on the system." 1274 INDEX { pfLabelsLblIndex } 1275 ::= { pfLabelsLblTable 1 } 1276 1277PfLabelsLblEntry ::= SEQUENCE { 1278 pfLabelsLblIndex Integer32, 1279 pfLabelsLblName OCTET STRING, 1280 pfLabelsLblEvals Counter64, 1281 pfLabelsLblBytesIn Counter64, 1282 pfLabelsLblBytesOut Counter64, 1283 pfLabelsLblPktsIn Counter64, 1284 pfLabelsLblPktsOut Counter64 1285} 1286 1287pfLabelsLblIndex OBJECT-TYPE 1288 SYNTAX Integer32 (1..2147483647) 1289 MAX-ACCESS not-accessible 1290 STATUS current 1291 DESCRIPTION 1292 "A unique value, greater than zero, for each label." 1293 ::= { pfLabelsLblEntry 1 } 1294 1295pfLabelsLblName OBJECT-TYPE 1296 SYNTAX OCTET STRING 1297 MAX-ACCESS read-only 1298 STATUS current 1299 DESCRIPTION 1300 "The name of the rule label." 1301 ::= { pfLabelsLblEntry 2 } 1302 1303pfLabelsLblEvals OBJECT-TYPE 1304 SYNTAX Counter64 1305 MAX-ACCESS read-only 1306 STATUS current 1307 DESCRIPTION 1308 "The number of rule evaluations." 1309 ::= { pfLabelsLblEntry 3 } 1310 1311pfLabelsLblBytesIn OBJECT-TYPE 1312 SYNTAX Counter64 1313 MAX-ACCESS read-only 1314 STATUS current 1315 DESCRIPTION 1316 "The number of incoming bytes matched by the rule." 1317 ::= { pfLabelsLblEntry 4 } 1318 1319pfLabelsLblBytesOut OBJECT-TYPE 1320 SYNTAX Counter64 1321 MAX-ACCESS read-only 1322 STATUS current 1323 DESCRIPTION 1324 "The number of outgoing bytes matched by the rule." 1325 ::= { pfLabelsLblEntry 5 } 1326 1327pfLabelsLblPktsIn OBJECT-TYPE 1328 SYNTAX Counter64 1329 MAX-ACCESS read-only 1330 STATUS current 1331 DESCRIPTION 1332 "The number of incoming packets matched by the rule." 1333 ::= { pfLabelsLblEntry 6 } 1334 1335pfLabelsLblPktsOut OBJECT-TYPE 1336 SYNTAX Counter64 1337 MAX-ACCESS read-only 1338 STATUS current 1339 DESCRIPTION 1340 "The number of outgoing packets matched by the rule." 1341 ::= { pfLabelsLblEntry 7 } 1342 1343END 1344