Skip to main content

pfSense

Overview​

pfSense is an open source router and firewall software based on FreeBSD and entirely configurable throught a user-friendly web interface.

The Centreon Monitoring Connector pfSense aims to collect the status of the interfaces and the several number of packets per second using with the SNMP protocol.

Monitoring Connector assets​

Monitored objects​

  • pfSense firewall

Monitored metrics​

Metric nameDescriptionUnit
pfinterface.pass.traffic.in.bitspersecondTraffic in Passb/s
pfinterface.pass.traffic.out.bitspersecondTraffic out Passb/s
pfinterface.block.traffic.in.bitspersecondTraffic in Blockb/s
pfinterface.block.traffic.out.bitspersecondTraffic out Blockb/s

Prerequisites​

pfSense firewall configuration​

To use this pack, the SNMP service must be properly configured on your pfSense firewall. Netgate provides an official documentation to achieve this: https://docs.netgate.com/pfsense/en/latest/services/snmp.html

Network flow​

The target server must be reachable from the Centreon Poller on the UDP/161 SNMP port.

Setup​

  1. Install the Centreon package on every Centreon poller expected to monitor a pfSense firewall:
yum install centreon-plugin-Network-Firewalls-Pfsense-Snmp
  1. On the Centreon Web interface, install the pfSense Centreon Monitoring Connector on the Configuration > Monitoring Connector Manager page

Configuration​

Host​

  • Log into Centreon and add a new Host through "Configuration > Hosts".

  • Fill the "Name", "Alias" & "IP Address / DNS" fields according to your pfSense firewall settings

  • Apply the Network-Firewalls-Pfsense-Snmp-custom template and configure all the mandatory Macros:

When using SNMP v3, use the SNMPEXTRAOPTIONS Macro to add specific authentication parameters More information in the Troubleshooting SNMP section.

MandatoryNameDescription
SNMPEXTRAOPTIONSConfigure your own SNMPv3 credentials combo

FAQ​

How to check in the CLI that the configuration is OK and what are the main options for ?​

Once the plugin installed, log into your Centreon Poller CLI using the centreon-engine user account and test the Plugin by running the following command:

/usr/lib/centreon/plugins/centreon_pfsense.pl \
--plugin=apps::pfsense::snmp::plugin \
--mode=pfinterfaces \
--hostname='10.0.0.1' \
--snmp-version='2c' \
--snmp-community='my-snmp-community' \
--filter-name='em.*' \
--warning-traffic-in-block='80' \
--warning-traffic-out-block='90' \
--critical-traffic-in-block='80' \
--critical-traffic-out-block='90' \
--use-new-perfdata

Expected command output is shown below:

OK : All pfInterfaes are ok | 'pfinterface.pass.traffic.in.bitspersecond'=43978.08b/s;0:8000000000;0:9000000000;0;10000000000
'pfinterface.pass.traffic.out.bitspersecond'=77012.32b/s;0:8000000000;0:9000000000;0;10000000000
'pfinterface.block.traffic.in.bitspersecond'=33878.08b/s;0:8000000000;0:9000000000;0;10000000000
'pfinterface.block.traffic.out.bitspersecond'=25014.32b/s;0:8000000000;0:9000000000;0;10000000000

This command triggers a WARNING alarm in the following cases:

  • The traffic in Pass is greater than 80% (--warning-traffic-in-block='80')

  • The traffic in Block is greater than 80% (--warning-traffic-out-block='80')

A CRITICAL alarm is however triggered in the following cases:

  • The traffic in Pass is greater than 90% (--critical-traffic-in-block='90')

  • The traffic in Block is greater than 90% (--critical-traffic-out-block='90')

All available options for a given mode can be displayed by adding the --help parameter to the command:

/usr/lib/centreon/plugins/centreon_pfsense.pl \
--plugin=apps::pfsense::snmp::plugin \
--mode=pfinterfaces \
--help

All plugin modes can be listed with the following command:

/usr/lib/centreon/plugins/centreon_pfsense.pl \
--plugin=apps::pfsense::snmp::plugin \
--list-mode \

UNKNOWN: SNMP GET Request : Timeout​

If you get this message, you're probably facing one of theses issues:

  • Your SNMP server isn't started or misconfigured
  • An external device is blocking your request (firewall, ...)