2 -- ----------------------------------------------------------------------------
3 -- "THE BEER-WARE LICENSE" (Revision 42):
4 -- <philip@FreeBSD.org> wrote this file. As long as you retain this notice you
5 -- can do whatever you want with this stuff. If we meet some day, and you think
6 -- this stuff is worth it, you can buy me a beer in return. -Philip Paeps
7 -- ----------------------------------------------------------------------------
12 BEGEMOT-PF-MIB DEFINITIONS ::= BEGIN
15 MODULE-IDENTITY, OBJECT-TYPE, Counter64, Integer32,
20 InetAddress, InetAddressType, InetAddressPrefixLength
25 begemotPf MODULE-IDENTITY
26 LAST-UPDATED "201003180000Z"
27 ORGANIZATION "NixSys BVBA"
36 E-Mail: philip@FreeBSD.org"
38 "The Begemot MIB for the pf packet filter."
39 REVISION "201003180000Z"
41 "Modified pfTablesAddrEntry to support IPv6
42 addresses - added pfTablesAddrNetType column
43 and modified type of pfTablesAddrNet to
45 REVISION "200912050000Z"
47 "Added support for retrieving counters of labeled
48 pf filter rules via pfLabelspfLabels subtree."
49 REVISION "200501240000Z"
55 begemotPfObjects OBJECT IDENTIFIER ::= { begemotPf 1 }
57 -- --------------------------------------------------------------------------
59 pfStatus OBJECT IDENTIFIER ::= { begemotPfObjects 1 }
60 pfCounter OBJECT IDENTIFIER ::= { begemotPfObjects 2 }
61 pfStateTable OBJECT IDENTIFIER ::= { begemotPfObjects 3 }
62 pfSrcNodes OBJECT IDENTIFIER ::= { begemotPfObjects 4 }
63 pfLimits OBJECT IDENTIFIER ::= { begemotPfObjects 5 }
64 pfTimeouts OBJECT IDENTIFIER ::= { begemotPfObjects 6 }
65 pfLogInterface OBJECT IDENTIFIER ::= { begemotPfObjects 7 }
66 pfInterfaces OBJECT IDENTIFIER ::= { begemotPfObjects 8 }
67 pfTables OBJECT IDENTIFIER ::= { begemotPfObjects 9 }
68 pfAltq OBJECT IDENTIFIER ::= { begemotPfObjects 10 }
69 pfLabels OBJECT IDENTIFIER ::= { begemotPfObjects 11 }
71 -- --------------------------------------------------------------------------
77 pfStatusRunning OBJECT-TYPE
82 "True if pf is currently enabled."
85 pfStatusRuntime OBJECT-TYPE
87 UNITS "1/100th of a Second"
91 "Indicates how long pf has been enabled. If pf is not currently
92 enabled, indicates how long it has been disabled. If pf has not
93 been enabled or disabled since the system was started, the value
97 pfStatusDebug OBJECT-TYPE
98 SYNTAX INTEGER { none(0), urgent(1), misc(2), loud(3) }
102 "Indicates the debug level at which pf is running."
105 pfStatusHostId OBJECT-TYPE
110 "The (unique) host identifier of the machine running pf."
113 -- --------------------------------------------------------------------------
119 pfCounterMatch OBJECT-TYPE
124 "Number of packets that matched a filter rule."
127 pfCounterBadOffset OBJECT-TYPE
132 "Number of packets with bad offset."
135 pfCounterFragment OBJECT-TYPE
140 "Number of fragmented packets."
143 pfCounterShort OBJECT-TYPE
148 "Number of short packets."
151 pfCounterNormalize OBJECT-TYPE
156 "Number of normalized packets."
159 pfCounterMemDrop OBJECT-TYPE
164 "Number of packets dropped due to memory limitations."
167 -- --------------------------------------------------------------------------
173 pfStateTableCount OBJECT-TYPE
178 "Number of entries in the state table."
179 ::= { pfStateTable 1 }
181 pfStateTableSearches OBJECT-TYPE
186 "Number of searches against the state table."
187 ::= { pfStateTable 2 }
189 pfStateTableInserts OBJECT-TYPE
194 "Number of entries inserted into the state table."
195 ::= { pfStateTable 3 }
197 pfStateTableRemovals OBJECT-TYPE
202 "Number of entries removed from the state table."
203 ::= { pfStateTable 4 }
205 -- --------------------------------------------------------------------------
211 pfSrcNodesCount OBJECT-TYPE
216 "Number of entries in the source tracking table."
219 pfSrcNodesSearches OBJECT-TYPE
224 "Number of searches against the source tracking table."
227 pfSrcNodesInserts OBJECT-TYPE
232 "Number of entries inserted into the source tracking table."
235 pfSrcNodesRemovals OBJECT-TYPE
240 "Number of entries removed from the source tracking table."
243 -- --------------------------------------------------------------------------
249 pfLimitsStates OBJECT-TYPE
254 "Maximum number of 'keep state' rules in the ruleset."
257 pfLimitsSrcNodes OBJECT-TYPE
262 "Maximum number of 'sticky-address' or 'source-track' rules
266 pfLimitsFrags OBJECT-TYPE
271 "Maximum number of 'scrub' rules in the ruleset."
274 -- --------------------------------------------------------------------------
280 pfTimeoutsTcpFirst OBJECT-TYPE
285 "State after the first packet in a connection."
288 pfTimeoutsTcpOpening OBJECT-TYPE
293 "State before the destination host ever sends a packet."
296 pfTimeoutsTcpEstablished OBJECT-TYPE
301 "The fully established state."
304 pfTimeoutsTcpClosing OBJECT-TYPE
309 "State after the first FIN has been sent."
312 pfTimeoutsTcpFinWait OBJECT-TYPE
317 "State after both FINs have been exchanged and the
318 connection is closed."
321 pfTimeoutsTcpClosed OBJECT-TYPE
326 "State after one endpoint sends an RST."
329 pfTimeoutsUdpFirst OBJECT-TYPE
334 "State after the first packet."
337 pfTimeoutsUdpSingle OBJECT-TYPE
342 "State if the source host sends more than one packet but
343 the destination host has never sent one back."
346 pfTimeoutsUdpMultiple OBJECT-TYPE
351 "State if both hosts have sent packets."
354 pfTimeoutsIcmpFirst OBJECT-TYPE
359 "State after the first packet."
360 ::= { pfTimeouts 10 }
362 pfTimeoutsIcmpError OBJECT-TYPE
367 "State after an ICMP error came back in response to an
369 ::= { pfTimeouts 11 }
371 pfTimeoutsOtherFirst OBJECT-TYPE
376 "State after the first packet."
377 ::= { pfTimeouts 12 }
379 pfTimeoutsOtherSingle OBJECT-TYPE
384 "State if the source host sends more than one packet but
385 the destination host has never sent one back."
386 ::= { pfTimeouts 13 }
388 pfTimeoutsOtherMultiple OBJECT-TYPE
393 "State if both hosts have sent packets."
394 ::= { pfTimeouts 14 }
396 pfTimeoutsFragment OBJECT-TYPE
401 "Seconds before an unassembled fragment is expired."
402 ::= { pfTimeouts 15 }
404 pfTimeoutsInterval OBJECT-TYPE
409 "Interval between purging expired states and fragments."
410 ::= { pfTimeouts 16 }
412 pfTimeoutsAdaptiveStart OBJECT-TYPE
417 "When the number of state entries exceeds this value,
418 adaptive scaling begins."
419 ::= { pfTimeouts 17 }
421 pfTimeoutsAdaptiveEnd OBJECT-TYPE
426 "When reaching this number of state entries, all timeout
427 values become zero, effectively purging all state entries
429 ::= { pfTimeouts 18 }
431 pfTimeoutsSrcNode OBJECT-TYPE
436 "Length of time to retain a source tracking entry after
437 the last state expires."
438 ::= { pfTimeouts 19 }
440 -- --------------------------------------------------------------------------
446 pfLogInterfaceName OBJECT-TYPE
451 "The name of the interface configured with 'set loginterface'.
452 If no interface has been configured, the object will be empty."
453 ::= { pfLogInterface 1 }
455 pfLogInterfaceIp4BytesIn OBJECT-TYPE
460 "Number of IPv4 bytes passed in on the loginterface."
461 ::= { pfLogInterface 2 }
463 pfLogInterfaceIp4BytesOut OBJECT-TYPE
468 "Number of IPv4 bytes passed out on the loginterface."
469 ::= { pfLogInterface 3 }
471 pfLogInterfaceIp4PktsInPass OBJECT-TYPE
476 "Number of IPv4 packets passed in on the loginterface."
477 ::= { pfLogInterface 4 }
479 pfLogInterfaceIp4PktsInDrop OBJECT-TYPE
484 "Number of IPv4 packets dropped coming in on the loginterface."
485 ::= { pfLogInterface 5 }
487 pfLogInterfaceIp4PktsOutPass OBJECT-TYPE
492 "Number of IPv4 packets passed out on the loginterface."
493 ::= { pfLogInterface 6 }
495 pfLogInterfaceIp4PktsOutDrop OBJECT-TYPE
500 "Number of IPv4 packets dropped going out on the loginterface."
501 ::= { pfLogInterface 7 }
503 pfLogInterfaceIp6BytesIn OBJECT-TYPE
508 "Number of IPv6 bytes passed in on the loginterface."
509 ::= { pfLogInterface 8 }
511 pfLogInterfaceIp6BytesOut OBJECT-TYPE
516 "Number of IPv6 bytes passed out on the loginterface."
517 ::= { pfLogInterface 9 }
519 pfLogInterfaceIp6PktsInPass OBJECT-TYPE
524 "Number of IPv6 packets passed in on the loginterface."
525 ::= { pfLogInterface 10 }
527 pfLogInterfaceIp6PktsInDrop OBJECT-TYPE
532 "Number of IPv6 packets dropped coming in on the loginterface."
533 ::= { pfLogInterface 11 }
535 pfLogInterfaceIp6PktsOutPass OBJECT-TYPE
540 "Number of IPv6 packets passed out on the loginterface."
541 ::= { pfLogInterface 12 }
543 pfLogInterfaceIp6PktsOutDrop OBJECT-TYPE
548 "Number of IPv6 packets dropped going out on the loginterface."
549 ::= { pfLogInterface 13 }
551 -- --------------------------------------------------------------------------
557 pfInterfacesIfNumber OBJECT-TYPE
562 "The number of network interfaces on this system."
563 ::= { pfInterfaces 1 }
565 pfInterfacesIfTable OBJECT-TYPE
566 SYNTAX SEQUENCE OF PfInterfacesIfEntry
567 MAX-ACCESS not-accessible
570 "Table of network interfaces, indexed on pfInterfacesIfNumber."
571 ::= { pfInterfaces 2 }
573 pfInterfacesIfEntry OBJECT-TYPE
574 SYNTAX PfInterfacesIfEntry
575 MAX-ACCESS not-accessible
578 "An entry in the pfInterfacesIfTable containing information
579 about a particular network interface in the machine."
580 INDEX { pfInterfacesIfIndex }
581 ::= { pfInterfacesIfTable 1 }
583 PfInterfacesIfEntry ::= SEQUENCE {
584 pfInterfacesIfIndex Integer32,
585 pfInterfacesIfDescr OCTET STRING,
586 pfInterfacesIfType INTEGER,
587 pfInterfacesIfTZero TimeTicks,
588 pfInterfacesIfRefsState Null,
589 pfInterfacesIfRefsRule Unsigned32,
590 pfInterfacesIf4BytesInPass Counter64,
591 pfInterfacesIf4BytesInBlock Counter64,
592 pfInterfacesIf4BytesOutPass Counter64,
593 pfInterfacesIf4BytesOutBlock Counter64,
594 pfInterfacesIf4PktsInPass Counter64,
595 pfInterfacesIf4PktsInBlock Counter64,
596 pfInterfacesIf4PktsOutPass Counter64,
597 pfInterfacesIf4PktsOutBlock Counter64,
598 pfInterfacesIf6BytesInPass Counter64,
599 pfInterfacesIf6BytesInBlock Counter64,
600 pfInterfacesIf6BytesOutPass Counter64,
601 pfInterfacesIf6BytesOutBlock Counter64,
602 pfInterfacesIf6PktsInPass Counter64,
603 pfInterfacesIf6PktsInBlock Counter64,
604 pfInterfacesIf6PktsOutPass Counter64,
605 pfInterfacesIf6PktsOutBlock Counter64
608 pfInterfacesIfIndex OBJECT-TYPE
609 SYNTAX Integer32 (1..2147483647)
610 MAX-ACCESS not-accessible
613 "A unique value, greater than zero, for each interface."
614 ::= { pfInterfacesIfEntry 1 }
616 pfInterfacesIfDescr OBJECT-TYPE
621 "The name of the interface."
622 ::= { pfInterfacesIfEntry 2 }
624 pfInterfacesIfType OBJECT-TYPE
625 SYNTAX INTEGER { group(0), instance(1), detached(2) }
629 "Indicates whether the interface is a group inteface, an
630 interface instance, or whether it has been removed or
632 ::= { pfInterfacesIfEntry 3 }
634 pfInterfacesIfTZero OBJECT-TYPE
636 UNITS "1/100th of a Second"
640 "Time since statistics were last reset or since the
641 interface was loaded."
642 ::= { pfInterfacesIfEntry 4 }
644 pfInterfacesIfRefsState OBJECT-TYPE
649 "The number of state and/or source track entries referencing
651 ::= { pfInterfacesIfEntry 5 }
653 pfInterfacesIfRefsRule OBJECT-TYPE
658 "The number of rules referencing this interface."
659 ::= { pfInterfacesIfEntry 6 }
661 pfInterfacesIf4BytesInPass OBJECT-TYPE
666 "The number of IPv4 bytes passed coming in on this interface."
667 ::= { pfInterfacesIfEntry 7 }
669 pfInterfacesIf4BytesInBlock OBJECT-TYPE
674 "The number of IPv4 bytes blocked coming in on this interface."
675 ::= { pfInterfacesIfEntry 8 }
677 pfInterfacesIf4BytesOutPass OBJECT-TYPE
682 "The number of IPv4 bytes passed going out on this interface."
683 ::= { pfInterfacesIfEntry 9 }
685 pfInterfacesIf4BytesOutBlock OBJECT-TYPE
690 "The number of IPv4 bytes blocked going out on this interface."
691 ::= { pfInterfacesIfEntry 10 }
693 pfInterfacesIf4PktsInPass OBJECT-TYPE
698 "The number of IPv4 packets passed coming in on this interface."
699 ::= { pfInterfacesIfEntry 11 }
701 pfInterfacesIf4PktsInBlock OBJECT-TYPE
706 "The number of IPv4 packets blocked coming in on this interface."
707 ::= { pfInterfacesIfEntry 12 }
709 pfInterfacesIf4PktsOutPass OBJECT-TYPE
714 "The number of IPv4 packets passed going out on this interface."
715 ::= { pfInterfacesIfEntry 13 }
717 pfInterfacesIf4PktsOutBlock OBJECT-TYPE
722 "The number of IPv4 packets blocked going out on this interface."
723 ::= { pfInterfacesIfEntry 14 }
725 pfInterfacesIf6BytesInPass OBJECT-TYPE
730 "The number of IPv6 bytes passed coming in on this interface."
731 ::= { pfInterfacesIfEntry 15 }
733 pfInterfacesIf6BytesInBlock OBJECT-TYPE
738 "The number of IPv6 bytes blocked coming in on this interface."
739 ::= { pfInterfacesIfEntry 16 }
741 pfInterfacesIf6BytesOutPass OBJECT-TYPE
746 "The number of IPv6 bytes passed going out on this interface."
747 ::= { pfInterfacesIfEntry 17 }
749 pfInterfacesIf6BytesOutBlock OBJECT-TYPE
754 "The number of IPv6 bytes blocked going out on this interface."
755 ::= { pfInterfacesIfEntry 18 }
758 pfInterfacesIf6PktsInPass OBJECT-TYPE
763 "The number of IPv6 packets passed coming in on this interface."
764 ::= { pfInterfacesIfEntry 19 }
766 pfInterfacesIf6PktsInBlock OBJECT-TYPE
771 "The number of IPv6 packets blocked coming in on this interface."
772 ::= { pfInterfacesIfEntry 20 }
774 pfInterfacesIf6PktsOutPass OBJECT-TYPE
779 "The number of IPv6 packets passed going out on this interface."
780 ::= { pfInterfacesIfEntry 21 }
782 pfInterfacesIf6PktsOutBlock OBJECT-TYPE
787 "The number of IPv6 packets blocked going out on this interface."
788 ::= { pfInterfacesIfEntry 22 }
790 -- --------------------------------------------------------------------------
796 pfTablesTblNumber OBJECT-TYPE
801 "The number of tables on this system."
804 pfTablesTblTable OBJECT-TYPE
805 SYNTAX SEQUENCE OF PfTablesTblEntry
806 MAX-ACCESS not-accessible
809 "Table of tables, index on pfTablesTblIndex."
812 pfTablesTblEntry OBJECT-TYPE
813 SYNTAX PfTablesTblEntry
814 MAX-ACCESS not-accessible
817 "Any entry in the pfTablesTblTable containing information
818 about a particular table on the system."
819 INDEX { pfTablesTblIndex }
820 ::= { pfTablesTblTable 1 }
822 PfTablesTblEntry ::= SEQUENCE {
823 pfTablesTblIndex Integer32,
824 pfTablesTblDescr OCTET STRING,
825 pfTablesTblCount Integer32,
826 pfTablesTblTZero TimeTicks,
827 pfTablesTblRefsAnchor Integer32,
828 pfTablesTblRefsRule Integer32,
829 pfTablesTblEvalMatch Counter64,
830 pfTablesTblEvalNoMatch Counter64,
831 pfTablesTblBytesInPass Counter64,
832 pfTablesTblBytesInBlock Counter64,
833 pfTablesTblBytesInXPass Counter64,
834 pfTablesTblBytesOutPass Counter64,
835 pfTablesTblBytesOutBlock Counter64,
836 pfTablesTblBytesOutXPass Counter64,
837 pfTablesTblPktsInPass Counter64,
838 pfTablesTblPktsInBlock Counter64,
839 pfTablesTblPktsInXPass Counter64,
840 pfTablesTblPktsOutPass Counter64,
841 pfTablesTblPktsOutBlock Counter64,
842 pfTablesTblPktsOutXPass Counter64
845 pfTablesTblIndex OBJECT-TYPE
846 SYNTAX Integer32 (1..2147483647)
847 MAX-ACCESS not-accessible
850 "A unique value, greater than zero, for each table."
851 ::= { pfTablesTblEntry 1 }
853 pfTablesTblDescr OBJECT-TYPE
858 "The name of the table."
859 ::= { pfTablesTblEntry 2 }
861 pfTablesTblCount OBJECT-TYPE
866 "The number of addresses in the table."
867 ::= { pfTablesTblEntry 3 }
869 pfTablesTblTZero OBJECT-TYPE
871 UNITS "1/100th of a Second"
875 "The time passed since the statistics of this table were last
876 cleared or the time since this table was loaded, whichever is
878 ::= { pfTablesTblEntry 4 }
880 pfTablesTblRefsAnchor OBJECT-TYPE
885 "The number of anchors referencing this table."
886 ::= { pfTablesTblEntry 5 }
888 pfTablesTblRefsRule OBJECT-TYPE
893 "The number of rules referencing this table."
894 ::= { pfTablesTblEntry 6 }
896 pfTablesTblEvalMatch OBJECT-TYPE
901 "The number of evaluations returning a match."
902 ::= { pfTablesTblEntry 7 }
904 pfTablesTblEvalNoMatch OBJECT-TYPE
909 "The number of evaluations not returning a match."
910 ::= { pfTablesTblEntry 8 }
912 pfTablesTblBytesInPass OBJECT-TYPE
917 "The number of bytes passed in matching the table."
918 ::= { pfTablesTblEntry 9 }
920 pfTablesTblBytesInBlock OBJECT-TYPE
925 "The number of bytes blocked coming in matching the table."
926 ::= { pfTablesTblEntry 10 }
928 pfTablesTblBytesInXPass OBJECT-TYPE
933 "The number of bytes statefully passed in where the state
934 entry refers to the table, but the table no longer contains
935 the address in question."
936 ::= { pfTablesTblEntry 11 }
938 pfTablesTblBytesOutPass OBJECT-TYPE
943 "The number of bytes passed out matching the table."
944 ::= { pfTablesTblEntry 12 }
946 pfTablesTblBytesOutBlock OBJECT-TYPE
951 "The number of bytes blocked going out matching the table."
952 ::= { pfTablesTblEntry 13 }
954 pfTablesTblBytesOutXPass OBJECT-TYPE
959 "The number of bytes statefully passed out where the state
960 entry refers to the table, but the table no longer contains
961 the address in question."
962 ::= { pfTablesTblEntry 14 }
964 pfTablesTblPktsInPass OBJECT-TYPE
969 "The number of packets passed in matching the table."
970 ::= { pfTablesTblEntry 15 }
972 pfTablesTblPktsInBlock OBJECT-TYPE
977 "The number of packets blocked coming in matching the table."
978 ::= { pfTablesTblEntry 16 }
980 pfTablesTblPktsInXPass OBJECT-TYPE
985 "The number of packets statefully passed in where the state
986 entry refers to the table, but the table no longer contains
987 the address in question."
988 ::= { pfTablesTblEntry 17 }
990 pfTablesTblPktsOutPass OBJECT-TYPE
995 "The number of packets passed out matching the table."
996 ::= { pfTablesTblEntry 18 }
998 pfTablesTblPktsOutBlock OBJECT-TYPE
1000 MAX-ACCESS read-only
1003 "The number of packets blocked going out matching the table."
1004 ::= { pfTablesTblEntry 19 }
1006 pfTablesTblPktsOutXPass OBJECT-TYPE
1008 MAX-ACCESS read-only
1011 "The number of packets statefully passed out where the state
1012 entry refers to the table, but the table no longer contains
1013 the address in question."
1014 ::= { pfTablesTblEntry 20 }
1016 pfTablesAddrTable OBJECT-TYPE
1017 SYNTAX SEQUENCE OF PfTablesAddrEntry
1018 MAX-ACCESS not-accessible
1021 "Table of addresses from every table on the system."
1024 pfTablesAddrEntry OBJECT-TYPE
1025 SYNTAX PfTablesAddrEntry
1026 MAX-ACCESS not-accessible
1029 "An entry in the pfTablesAddrTable containing information
1030 about a particular entry in a table."
1031 INDEX { pfTablesAddrIndex }
1032 ::= { pfTablesAddrTable 1 }
1034 PfTablesAddrEntry ::= SEQUENCE {
1035 pfTablesAddrIndex Integer32,
1036 pfTablesAddrNetType InetAddressType,
1037 pfTablesAddrNet InetAddress,
1038 pfTablesAddrPrefix InetAddressPrefixLength,
1039 pfTablesAddrTZero TimeTicks,
1040 pfTablesAddrBytesInPass Counter64,
1041 pfTablesAddrBytesInBlock Counter64,
1042 pfTablesAddrBytesOutPass Counter64,
1043 pfTablesAddrBytesOutBlock Counter64,
1044 pfTablesAddrPktsInPass Counter64,
1045 pfTablesAddrPktsInBlock Counter64,
1046 pfTablesAddrPktsOutPass Counter64,
1047 pfTablesAddrPktsOutBlock Counter64
1050 pfTablesAddrIndex OBJECT-TYPE
1051 SYNTAX Integer32 (1..2147483647)
1052 MAX-ACCESS not-accessible
1055 "A unique value, greater than zero, for each address."
1056 ::= { pfTablesAddrEntry 1 }
1058 pfTablesAddrNetType OBJECT-TYPE
1059 SYNTAX InetAddressType
1060 MAX-ACCESS read-only
1063 "The type of address in the corresponding pfTablesAddrNet object."
1064 ::= { pfTablesAddrEntry 2 }
1066 pfTablesAddrNet OBJECT-TYPE
1068 MAX-ACCESS read-only
1071 "The IP address of this particular table entry."
1072 ::= { pfTablesAddrEntry 3 }
1074 pfTablesAddrPrefix OBJECT-TYPE
1075 SYNTAX InetAddressPrefixLength
1076 MAX-ACCESS read-only
1079 "The CIDR netmask of this particular table entry."
1080 ::= { pfTablesAddrEntry 4 }
1082 pfTablesAddrTZero OBJECT-TYPE
1084 UNITS "1/100th of a Second"
1085 MAX-ACCESS read-only
1088 "The time passed since this entry's statistics were last
1089 cleared, or the time passed since this entry was loaded
1090 into the table, whichever is sooner."
1091 ::= { pfTablesAddrEntry 5 }
1093 pfTablesAddrBytesInPass OBJECT-TYPE
1095 MAX-ACCESS read-only
1098 "The number of inbound bytes passed as a result of this entry."
1099 ::= { pfTablesAddrEntry 6 }
1101 pfTablesAddrBytesInBlock OBJECT-TYPE
1103 MAX-ACCESS read-only
1106 "The number of inbound bytes blocked as a result of this entry."
1107 ::= { pfTablesAddrEntry 7 }
1109 pfTablesAddrBytesOutPass OBJECT-TYPE
1111 MAX-ACCESS read-only
1114 "The number of outbound bytes passed as a result of this entry."
1115 ::= { pfTablesAddrEntry 8 }
1117 pfTablesAddrBytesOutBlock OBJECT-TYPE
1119 MAX-ACCESS read-only
1122 "The number of outbound bytes blocked as a result of this entry."
1123 ::= { pfTablesAddrEntry 9 }
1125 pfTablesAddrPktsInPass OBJECT-TYPE
1127 MAX-ACCESS read-only
1130 "The number of inbound packets passed as a result of this entry."
1131 ::= { pfTablesAddrEntry 10 }
1133 pfTablesAddrPktsInBlock OBJECT-TYPE
1135 MAX-ACCESS read-only
1138 "The number of inbound packets blocked as a result of this entry."
1139 ::= { pfTablesAddrEntry 11 }
1141 pfTablesAddrPktsOutPass OBJECT-TYPE
1143 MAX-ACCESS read-only
1146 "The number of outbound packets passed as a result of this entry."
1147 ::= { pfTablesAddrEntry 12 }
1149 pfTablesAddrPktsOutBlock OBJECT-TYPE
1151 MAX-ACCESS read-only
1154 "The number of outbound packets blocked as a result of this
1156 ::= { pfTablesAddrEntry 13 }
1158 -- --------------------------------------------------------------------------
1164 pfAltqQueueNumber OBJECT-TYPE
1166 MAX-ACCESS read-only
1169 "The number of queues in the active set."
1172 pfAltqQueueTable OBJECT-TYPE
1173 SYNTAX SEQUENCE OF PfAltqQueueEntry
1174 MAX-ACCESS not-accessible
1177 "Table containing the rules that are active on this system."
1180 pfAltqQueueEntry OBJECT-TYPE
1181 SYNTAX PfAltqQueueEntry
1182 MAX-ACCESS not-accessible
1185 "An entry in the pfAltqQueueTable table."
1186 INDEX { pfAltqQueueIndex }
1187 ::= { pfAltqQueueTable 1 }
1189 PfAltqQueueEntry ::= SEQUENCE {
1190 pfAltqQueueIndex Integer32,
1191 pfAltqQueueDescr OCTET STRING,
1192 pfAltqQueueParent OCTET STRING,
1193 pfAltqQueueScheduler INTEGER,
1194 pfAltqQueueBandwidth Unsigned32,
1195 pfAltqQueuePriority Integer32,
1196 pfAltqQueueLimit Integer32
1199 pfAltqQueueIndex OBJECT-TYPE
1200 SYNTAX Integer32 (1..2147483647)
1201 MAX-ACCESS not-accessible
1204 "A unique value, greater than zero, for each queue."
1205 ::= { pfAltqQueueEntry 1 }
1207 pfAltqQueueDescr OBJECT-TYPE
1209 MAX-ACCESS read-only
1212 "The name of the queue."
1213 ::= { pfAltqQueueEntry 2 }
1215 pfAltqQueueParent OBJECT-TYPE
1217 MAX-ACCESS read-only
1220 "Name of the queue's parent if it has one."
1221 ::= { pfAltqQueueEntry 3 }
1223 pfAltqQueueScheduler OBJECT-TYPE
1224 SYNTAX INTEGER { cbq(1), hfsc(8), priq(11) }
1225 MAX-ACCESS read-only
1228 "Scheduler algorithm implemented by this queue."
1229 ::= { pfAltqQueueEntry 4 }
1231 pfAltqQueueBandwidth OBJECT-TYPE
1233 MAX-ACCESS read-only
1236 "Bandwitch assigned to this queue."
1237 ::= { pfAltqQueueEntry 5 }
1239 pfAltqQueuePriority OBJECT-TYPE
1241 MAX-ACCESS read-only
1244 "Priority level of the queue."
1245 ::= { pfAltqQueueEntry 6 }
1247 pfAltqQueueLimit OBJECT-TYPE
1249 MAX-ACCESS read-only
1252 "Maximum number of packets in the queue."
1253 ::= { pfAltqQueueEntry 7 }
1255 pfLabelsLblNumber OBJECT-TYPE
1257 MAX-ACCESS read-only
1260 "The number of labeled filter rules on this system."
1263 pfLabelsLblTable OBJECT-TYPE
1264 SYNTAX SEQUENCE OF PfLabelsLblEntry
1265 MAX-ACCESS not-accessible
1268 "Table of filter rules, index on pfLabelsLblIndex."
1271 pfLabelsLblEntry OBJECT-TYPE
1272 SYNTAX PfLabelsLblEntry
1273 MAX-ACCESS not-accessible
1276 "Any entry in the pfLabelsLblTable containing information
1277 about a particular filter rule on the system."
1278 INDEX { pfLabelsLblIndex }
1279 ::= { pfLabelsLblTable 1 }
1281 PfLabelsLblEntry ::= SEQUENCE {
1282 pfLabelsLblIndex Integer32,
1283 pfLabelsLblName OCTET STRING,
1284 pfLabelsLblEvals Counter64,
1285 pfLabelsLblBytesIn Counter64,
1286 pfLabelsLblBytesOut Counter64,
1287 pfLabelsLblPktsIn Counter64,
1288 pfLabelsLblPktsOut Counter64
1291 pfLabelsLblIndex OBJECT-TYPE
1292 SYNTAX Integer32 (1..2147483647)
1293 MAX-ACCESS not-accessible
1296 "A unique value, greater than zero, for each label."
1297 ::= { pfLabelsLblEntry 1 }
1299 pfLabelsLblName OBJECT-TYPE
1301 MAX-ACCESS read-only
1304 "The name of the rule label."
1305 ::= { pfLabelsLblEntry 2 }
1307 pfLabelsLblEvals OBJECT-TYPE
1309 MAX-ACCESS read-only
1312 "The number of rule evaluations."
1313 ::= { pfLabelsLblEntry 3 }
1315 pfLabelsLblBytesIn OBJECT-TYPE
1317 MAX-ACCESS read-only
1320 "The number of incoming bytes matched by the rule."
1321 ::= { pfLabelsLblEntry 4 }
1323 pfLabelsLblBytesOut OBJECT-TYPE
1325 MAX-ACCESS read-only
1328 "The number of outgoing bytes matched by the rule."
1329 ::= { pfLabelsLblEntry 5 }
1331 pfLabelsLblPktsIn OBJECT-TYPE
1333 MAX-ACCESS read-only
1336 "The number of incoming packets matched by the rule."
1337 ::= { pfLabelsLblEntry 6 }
1339 pfLabelsLblPktsOut OBJECT-TYPE
1341 MAX-ACCESS read-only
1344 "The number of outgoing packets matched by the rule."
1345 ::= { pfLabelsLblEntry 7 }