#!/bin/sh # # OpenBSD's pf(4) monitoring for OpenBSD # 2007, Originally by Gergely Czuczy # for FreeBSD systems. Ported and splitted by the # immerda admin team admin(at)immerda.ch # this version is adapted for openbsd and is only tested on # openbsd systems. # # Needs to run as root. # Add "user root" for the [pf] into plugins.conf. # # Options: # - env.do_searches yes: to enable state table search monitoring` # #%# family=auto #%# capabilities=autoconf pfctl='/sbin/pfctl' case $1 in config) cat </dev/null | awk '/^Status:/{print $2}'` != "Enabled" ]; then echo "no (pf(4) is not enabled, consult pfctl(8)" exit 0 fi # OpenBSD elif [ ${ostype} = "OpenBSD" ]; then # enabled? if [ `pfctl -si 2>/dev/null | awk '/^Status:/{print $2}'` != "Enabled" ]; then echo "no (pf(4) is not enabled, consult pfctl(8)" exit 0 fi # Other OSes else echo "no (this plugin is not supported on your OS)" exit 0 fi echo "yes" exit 0 ;; suggest) exit 0; ;; esac # ${pfctl} -si 2>/dev/null | awk ' $1~/^match$/{print "matches.value",$2} /state-mismatch/{print "mismatches.value",$2}' ${pfctl} -vsr 2> /dev/null| grep -A 1 ^block | awk 'BEGIN {sum=0}/^[ \t]*\[/{sum=sum+$5} END {print "blocks.value",sum}'