Open zyxep opened 10 months ago
pf_exporter
already has a PR for FreeBSD support at: https://github.com/mischief/pf_exporter/pull/5
iptables
was rejected at #637 as it'd need too many privileges to be given to node_exporter
.
i'm curious, why can't that PR at pf_exporter
be ported into node_exporter
?
My use-case is that I have X amount of Opnsense machines and it's kinda a closed off regarding installing an app outside of their plugin manager (they do use bsd ports).
so having both node_exporter
installed and configured with an exposed port + run pf_exporter
with an exposed port makes it annoying when I need to scrape.
Because then I need X * Y in my job on Prometheus, each run by it's own so how would I know if the metrics is consistant when I visualize it in e.g. Grafana?
If i should run pf_exporter
then i would fork the repo, merge that PR into my own and then convert it from http to just write the metrics into text files so that that the textfile collector will collect them, but then i need to run that program all the time as well.
another thing, it doesn't seem to be very much alive, so i would also see that as a positive thing to get into node_exporter
.
Last thing, i agree about iptables
with #637 makes no sense with those privileges.
Host operating system: output of
uname -a
OPNsense 23.7.8_1-amd64 FreeBSD 13.2-RELEASE-p5
node_exporter version: output of
node_exporter --version
But version: 1.6.1
node_exporter command line flags
/usr/local/bin/node_exporter --web.listen-address=0.0.0.0:9100 --collector.textfile.directory=/var/tmp/node_exporter --collector.devstat
It would be really nice to have packet filter stats built into exporter, there exists a pf_exporter which could with some modification work under FreeBSD as well since it would require go-freebsd/pf
Telegraf already produce metrics for this but they "cheat" by executing
pfstat
&pfctl
these stats is especially nice for us who run a firewall on FreeBSD/OpenBSD.