munin plugin to monitor OpenBSD (>5.4) pf queues

pf_queue_

#!/bin/sh
# POD documentation
: <<=cut
=head1 NAME

pf_queue_ - Munin plugin to monitor OpenBSD's pf queues.

=head1 APPLICABLE SYSTEMS

OpenBSD 5.5 and newer

=head1 CONFIGURATION

  [pf_queue*]
  user root

Use the .env settings to override the defaults.

=head1 USAGE

Can be used to present different graphs. Use ln -s for that name in
the plugins directory to enable the graph.
pf_queue_bytes - traffic in each queue, in bytes
pf_queue_packets - traffic in each queue, in packets
pf_queue_qlength - queued packets, per queue

=head1 AUTHOR

Ze Loff

=head1 LICENSE

BSD

=cut


if test "$1" = "autoconf" ; then
	if test ! -f $conf; then
		echo no "($conf does not exist)"
		exit 1
	fi
	if [ "$(uname -s)" = "OpenBSD" ]; then
		echo yes
		exit 0
	fi
fi

if test "$1" = "suggest" ; then
	echo "bytes"
	echo "packets"
	echo "qlength"
	exit 0
fi

# get type 
id=`echo $0 | sed -e 's/^.*pf_queue_//'`
if test "$id"x = ""x; then
	id="bytes"
fi

if test "$1" = "config" ; then
	case $id in
	bytes)
		echo "graph_title pf queue traffic in bytes"
		echo "graph_args --base 1024 -l 0"
		echo "graph_vlabel bytes passed (+) and dropped (-) per ${graph_period}"
		echo "graph_category pf"
		for q in `pfctl -vs queue | awk '/^queue/ { print $2 }'`; do
			echo "dropped_$q.label $q\ndropped_$q.type DERIVE\ndropped_$q.graph no\n"
			echo "$q.label $q\n$q.type DERIVE\n$q.negative dropped_$q\n"
		done
		for pq in `pfctl -vs queue | awk '/^queue/ { for (i = 1; i <= NF; i++) { if ($i == "parent") print $(i+1) }}' | uniq`; do
			echo "$pq.graph no\ndropped_$pq.graph no\n"
		done
		echo "graph_info Traffic passed and dropped per queue, in bytes"
		;;
	packets)
		echo "graph_title pf queue traffic in packets"
		echo "graph_args --base 1000 -l 0"
		echo "graph_vlabel packets passed (+) and dropped (-) per ${graph_period}"
		echo "graph_category pf"
		for q in `pfctl -vs queue | awk '/^queue/ { print $2 }'`; do
			echo "dropped_$q.label $q\ndropped_$q.type DERIVE\ndropped_$q.graph no\n"
			echo "$q.label $q\n$q.type DERIVE\n$q.negative dropped_$q\n"
		done
		for pq in `pfctl -vs queue | awk '/^queue/ { for (i = 1; i <= NF; i++) { if ($i == "parent") print $(i+1) }}' | uniq`; do
			echo "$pq.graph no\ndropped_$pq.graph no\n"
		done
		echo "graph_info Traffic passed and dropped in each queue, in packets"
		;;
	qlength)
		echo "graph_title pf queue size"
		echo "graph_args --base 1000 -l 0"
		echo "graph_vlabel packets in queue"
		echo "graph_category pf"
		for q in `pfctl -vs queue | awk '/^queue/ { print $2 }'`; do
			echo "$q.label $q\n$q.type GAUGE"
		done
		for pq in `pfctl -vs queue | awk '/^queue/ { for (i = 1; i <= NF; i++) { if ($i == "parent") print $(i+1) }}' | uniq`; do
			echo "$pq.graph no\ndropped_$pq.graph no\n"
		done
		echo "graph_info Packets waiting in each queue"
		;;
	esac
  exit 0
fi

#pfctl -vs queue | awk '/^queue/ { q=$2; for (i = 1; i <= NF; i++) { if ($i == "bandwidth") bw=$(i+1); sub(",", "", bw) }; print q".bw " bw }'
#pfctl -vs queue | awk '/^queue/{ q=$2 } /pkts/&&(NR>2){ print "bytes."q"="$5"\ndropped_bytes."q"="$10"\npackets."q"="$3"\ndropped_packets."q"="$8 }'

case $id in
	bytes)
		pfctl -vs queue | awk '/^queue/{ q=$2 } /pkts/&&(NR>2){ print q".value "$5"\ndropped_"q".value "$10 }'
		;;
	packets)
		pfctl -vs queue | awk '/^queue/{ q=$2 } /pkts/&&(NR>2){ print q".value "$3"\ndropped_"q".value "$8 }'
		;;
	qlength)
		pfctl -vs queue | awk '/^queue/{ q=$2 } /qlength/&&(NR>2){ sub("/", "", $3); print q".value "$3 }'
		;;
esac

Why is that &&(NR>2) there? It prevents the output for multiple queues

In all honesty, I don't remember. It's been a long long time since I've used this, and I have since stopped using pf queues and munin, so, I can't go back and check. But I do remember using this for multiple queues.