Gather traffic statistics from PF and ingest into graphite/grafana.
Rewrite into Python 3 using asyncio.
Goal is to establish visibility of bandwidth usage by client (using pfctl -s state -v), upload bandwith QoS (pfctl -s queue -v).
- Autoreconnects to Graphite ✅
- PF
- ALTQ counters ✅
- pkts/pkt bytes, queue length
- Number of connection states per internal client ❌
- Packet count to an internal client ❌
- ICMP
- Latency ✅
- Sent/Recv ✅
- Lost packets
⚠️ (doesn't handle blackholes correctly yet)
- rethink the ping resolve strat - it doesn't react well to DNS updates
- Pings need to retry when they die due to outages, at least after 5 minutes
- redo the main entry point - it really should be the arbiter of timeouts. And break on any future loss.
- Spin up a docker graphite image. Or provide your own graphite.
- Figure out how you're going to gather the data from pf. You can:
- run
pfstatsdas a user with group or other read access to /dev/pf. - run
pfstatsdas a user that has special passwordless sudo access to justpfctl -s queue -vcommand - requires
use_sudo: truein a config or--sudoargument
- requires
- run
- run
pfstatsdas root lol
- run
- Run a config
python -m pfstatsd from config/example.ymlorpython -m pfstatsd --sudo run -t 5 127.0.0.1:2004 yahoo.com google.com
You're not going to get any data from the PF part. That's for sure.