Howto monitor OpenBSD PF firewall for performance

Posted on in Categories Monitoring, OpenBSD, Security, UNIX last updated July 3, 2007

Packet Filter aka PF is OpenBSD’s system for filtering TCP/IP traffic / NAT software. I always like the simplicity offered by PF firewall. There is a new article that explains the PF performance monitoring:

The PF (packet filter) firewall package was introduced in OpenBSD 3.0, and has since been ported to the FreeBSD and NetBSD Operating Systems. PF contains a stateful packet inspection engine, the ability to replicate state information to a backup firewall, a flexible self optimizing rule engine, QOS support, and the ability to collect performance metrics. These metrics can be useful for gauging the performance of a firewall platform, and provide a way to trend firewall performance over time. This article will describe several utilities that can be used to monitor the health and performance of a PF firewall.

On a related note you may find our FreeBSD firewall startup guide quite useful.

Monitoring PF firewalls for health and performance []

HowTo: Monitor Linux / BSD System Over Time Without Scrolling Output

Posted on in Categories Linux, UNIX last updated June 5, 2012

You can use the watch command to execute a program or shell script periodically, display its output on screen repeatedly. This allows you to watch the program output change over time. By default, the program is run every 2 seconds. This is useful to monitor memory utilization or disk space usage over time without having to look at scrolling output.