PF is an acronym for packet filter. It was created for OpenBSD but has been ported to FreeBSD and other operating systems. It is a stateful packet filtering engine.

pf — packet filter

SYNOPSIS: pseudo-device pf

DESCRIPTION: Packet filtering takes place in the kernel. A pseudo-device, /dev/pf, allows userland processes to control the behavior of the packet filter through an ioctl(2) interface. There are commands to enable and disable the filter, load rulesets, add and remove individual rules or state.

One reason not to scrub on an interface is if one is passing NFS through PF. Some non-OpenBSD platforms send (and expect) strange packets: fragmented packets with the "do not fragment" bit set, which are (properly) rejected by scrub. This can be resolved by use of the no-df option.

PF was originally developed by Daniel Hartmeier and is now maintained and developed by the entire OpenBSD team.

The Packet Filter (PF) firewall in OpenBSD 4.4 and later offers traffic interception using several very simple methods. This configuration example details how to integrate the PF firewall with Squid for interception of port 80 traffic using either NAT-like interception or TPROXY-like interception.

This was done on OpenBSD 6.3: enable PF on the host; enable snmpd with PF MIBs; configure Telegraf to poll OpenBSD snmpd; configure Telegraf to store data in InfluxDB.

