Skip to main content

pfSense

Overview​

pfSense is an open source router and firewall software based on FreeBSD and entirely configurable throught a user-friendly web interface.

The Centreon Plugin-Pack pfSense aims to collect the status of the interfaces and the several number of packets per second using with the SNMP protocol.

Plugin-Pack assets​

Monitored objects​

  • pfSense firewall

Monitored metrics​

Metric nameDescriptionUnit
pfinterface.pass.traffic.in.bitspersecondTraffic in Passb/s
pfinterface.pass.traffic.out.bitspersecondTraffic out Passb/s
pfinterface.block.traffic.in.bitspersecondTraffic in Blockb/s
pfinterface.block.traffic.out.bitspersecondTraffic out Blockb/s

Prerequisites​

pfSense firewall configuration​

To use this pack, the SNMP service must be properly configured on your pfSense firewall. Netgate provides an official documentation to achieve this: https://docs.netgate.com/pfsense/en/latest/services/snmp.html

Network flow​

The target server must be reachable from the Centreon Poller on the UDP/161 SNMP port.

Setup​

  1. Install the Centreon Plugin package on every Centreon poller expected to monitor a pfSense firewall:
yum install centreon-plugin-Network-Firewalls-Pfsense-Snmp
  1. On the Centreon Web interface, install the pfSense Centreon Plugin-Pack on the "Configuration > Plugin Packs > Manager" page

Configuration​

Host​

  • Log into Centreon and add a new Host through "Configuration > Hosts".

  • Fill the "Name", "Alias" & "IP Address / DNS" fields according to your pfSense firewall settings

  • Apply the Network-Firewalls-Pfsense-Snmp-custom template and configure all the mandatory Macros:

If you are using SNMP Version 3, use the SNMPEXTRAOPTIONS Macro to configure your own SNMPv3 credentials combo.

MandatoryNameDescription
SNMPEXTRAOPTIONSConfigure your own SNMPv3 credentials combo

FAQ​

How to check in the CLI that the configuration is OK and what are the main options for ?​

Once the plugin installed, log into your Centreon Poller CLI using the centreon-engine user account and test the Plugin by running the following command:

/usr/lib/centreon/plugins/centreon_pfsense.pl \
--plugin=apps::pfsense::snmp::plugin \
--mode=pfinterfaces \
--hostname='10.0.0.1' \
--snmp-version='2c' \
--snmp-community='my-snmp-community' \
--filter-name='em.*' \
--warning-traffic-in-block='80' \
--warning-traffic-out-block='90' \
--critical-traffic-in-block='80' \
--critical-traffic-out-block='90' \
--use-new-perfdata

Expected command output is shown below:

OK : All pfInterfaes are ok | 'pfinterface.pass.traffic.in.bitspersecond'=43978.08b/s;0:8000000000;0:9000000000;0;10000000000
'pfinterface.pass.traffic.out.bitspersecond'=77012.32b/s;0:8000000000;0:9000000000;0;10000000000
'pfinterface.block.traffic.in.bitspersecond'=33878.08b/s;0:8000000000;0:9000000000;0;10000000000
'pfinterface.block.traffic.out.bitspersecond'=25014.32b/s;0:8000000000;0:9000000000;0;10000000000

This command triggers a WARNING alarm in the following cases:

  • The traffic in Pass is greater than 80% (--warning-traffic-in-block='80')

  • The traffic in Block is greater than 80% (--warning-traffic-out-block='80')

A CRITICAL alarm is however triggered in the following cases:

  • The traffic in Pass is greater than 90% (--critical-traffic-in-block='90')

  • The traffic in Block is greater than 90% (--critical-traffic-out-block='90')

All available options for a given mode can be displayed by adding the --help parameter to the command:

/usr/lib/centreon/plugins/centreon_pfsense.pl \
--plugin=apps::pfsense::snmp::plugin \
--mode=pfinterfaces \
--help

All plugin modes can be listed with the following command:

/usr/lib/centreon/plugins/centreon_pfsense.pl \
--plugin=apps::pfsense::snmp::plugin \
--list-mode \

UNKNOWN: SNMP GET Request : Timeout​

If you get this message, you're probably facing one of theses issues:

  • Your SNMP server isn't started or misconfigured
  • An external device is blocking your request (firewall, ...)