ScreenOS Firewalls (NOT SRX)

Resource status through SNMP

‎02-07-2012 03:02 AM

Hey all


I'm currently writing Perl scripts to perform SNMP checks for the new Nagios environment we're setting up, and I want to include a check that reads the current number of policies from our ScreenOS firewalls. When I log in to the firewall, I see it saying there are 174 policies out of a total of 200. Thus I would like a warning to be generated when this number increases.


I already managed to read the number of policies using the following command:


snmpwalk -v2c -Cp -c $community $host $OID_POLICIES | grep Variables | gawk '{ print \$3 }'


The option -Cp gives the number of results returned, I grep for the last line containing the number of returned values and then use gawk to print the number.


However I couldn't find a way to read out the maximum number of policies that can be configured. Is there a way?


An option would be to read out the type of firewall and put a table in the script that gives the max number of policies for each type of firewall. In that case I would need an SNMP check to give me the firewall type.


Kind regards


JNCIA (Junos, SSL)
CCNA Security, CCNA
Cisco Certified Academy Instructor - CCNA
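
The lookup-table approach described in the post, as an added example that is not part of the original post: it takes the `snmpwalk -Cp` output and a firewall type string, looks up the policy limit, and returns a Nagios status with perfdata. Assumptions: the type string comes from the standard MIB-II `sysDescr.0` object, the model names in the table are placeholders (only the limit of 200 comes from the post), and the 80%/95% thresholds are arbitrary defaults.

```shell
#!/bin/sh
# Added example: Nagios-style policy-usage check for a ScreenOS firewall.
# Constructed lookup table "<sysDescr substring>:<max policies>". The model
# names are placeholders; 200 is the limit quoted in the post.
MODEL_LIMITS='EXAMPLE-MODEL-A:200
EXAMPLE-MODEL-B:1000'

# Constructed sample inputs so the script runs offline.
SAMPLE_WALK='(policy table rows omitted)
Variables found: 174'
SAMPLE_DESCR='EXAMPLE-MODEL-A (constructed sysDescr string)'

# Pull N out of the "Variables found: N" line printed by snmpwalk -Cp.
policy_count() {
    printf '%s\n' "$1" | awk '/^Variables found:/ { n = $3 }
        END { if (n ~ /^[0-9]+$/) print n; else exit 1 }'
}

# Print the policy limit for the first table entry found in the sysDescr text.
max_for_model() {
    printf '%s\n' "$MODEL_LIMITS" | while IFS=: read -r model max; do
        case $1 in *"$model"*) echo "$max"; break ;; esac
    done
}

# Print a Nagios status line with perfdata; return the Nagios exit code.
# Args: snmpwalk output, sysDescr text, warn %, crit % (defaults assumed).
check_policies() {
    warn=${3:-80}; crit=${4:-95}
    count=$(policy_count "$1") || { echo "UNKNOWN - no policy count in SNMP output"; return 3; }
    max=$(max_for_model "$2")
    [ -n "$max" ] || { echo "UNKNOWN - no policy limit known for this model"; return 3; }
    pct=$((count * 100 / max))
    perf="policies=$count;$((max * warn / 100));$((max * crit / 100));0;$max"
    if [ "$pct" -ge "$crit" ]; then state=CRITICAL; rc=2
    elif [ "$pct" -ge "$warn" ]; then state=WARNING; rc=1
    else state=OK; rc=0
    fi
    echo "$state - $count/$max policies in use ($pct%) | $perf"
    return "$rc"
}

# Demo run on the constructed sample; a real plugin would exit with this code.
check_policies "$SAMPLE_WALK" "$SAMPLE_DESCR" || true
```

An unknown model or a walk with no "Variables found" line returns UNKNOWN (3) rather than OK, so a failed SNMP query or a missing table entry does not silently pass the check.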