#!/bin/sh
# pf table stats for BSD/munin
# Author alex@trull-dot-org
#
# Based on the original pf plugin by Gergely Czuczy <phoemix@harmless.hu>
#
# Needs to run as root.
# Add "user root" for the [pf] into plugins.conf.
#
#%# family=auto
#%# capabilities=autoconf

pfctl='/sbin/pfctl'

case $1 in
    config)
    cat <<EOF
graph_title OpenBSD pf table nonmatches
graph_vlabel nonmatches per second
graph_scale no
graph_category network
graph_args -l 0
graph_info OpenBSD's pf table nonmatches
EOF
${pfctl} -s Tables 2> /dev/null | awk '
{print $0".label "$0; print $0".type DERIVE"; print $0".min 0"}'
    exit 0
    ;;
    autoconf)
	# FreeBSD
	ostype=`uname -s`
	if [ ${ostype} = "FreeBSD" ]; then
	    # pf(4) module loaded?
	    if [ `kldstat -v | grep pf | wc -l` -eq 0 ]; then
		echo "no (pf(4) is not loaded)"
		exit 1
	    fi
	    # enabled?
	    if [ `pfctl -si 2>/dev/null | awk '/^Status:/{print $2}'` != "Enabled" ]; then
		echo "no (pf(4) is not enabled, consult pfctl(8)"
		exit 1
	    fi
	# OpenBSD
	elif [ ${ostype} = "OpenBSD" ]; then
            # enabled?
	    if [ `pfctl -si 2>/dev/null | awk '/^Status:/{print $2}'` != "Enabled" ]; then
		echo "no (pf(4) is not enabled, consult pfctl(8)"
		exit 1
	    fi
	# Other OSes
	else
	    echo "no (this plugin is not supported on your OS)"
	    exit 1
	fi
	echo "yes"
	exit 0
	;;
    suggest)
	exit 0;
	;;
esac

${pfctl} -vvs Tables  | egrep -v '(Packets|Anchors|Cleared|Addresses)' | xargs -L2 | awk '{print $2".value "$6}'