Skip to main content

Netfilter

Plugin: nfacct.plugin Module: nfacct.plugin

Overview

Monitor Netfilter metrics for optimal packet filtering and manipulation. Keep tabs on packet counts, dropped packets, and error rates to secure network operations.

Netdata uses libmnl (https://www.netfilter.org/projects/libmnl/index.html) to collect information.

This collector is supported on all platforms.

This collector supports collecting metrics from multiple instances of this integration, including remote instances.

This plugin needs setuid.

Default Behavior

Auto-Detection

This plugin uses socket to connect with netfilter to collect data

Limits

The default configuration for this integration does not impose any limits on data collection.

Performance Impact

The default configuration for this integration is not expected to impose a significant performance impact on the system.

Metrics

Metrics grouped by scope.

The scope defines the instance that the metric belongs to. An instance is uniquely identified by a set of labels.

Per Netfilter instance

This scope has no labels.

Metrics:

MetricDimensionsUnit
netfilter.netlink_newnew, ignore, invalidconnections/s
netfilter.netlink_changesinsert, delete, delete_listchanges/s
netfilter.netlink_searchsearched, search_restart, foundsearches/s
netfilter.netlink_errorsicmp_error, insert_failed, drop, early_dropevents/s
netfilter.netlink_expectcreated, deleted, newexpectations/s
netfilter.nfacct_packetsa dimension per nfacct objectpackets/s
netfilter.nfacct_bytesa dimension per nfacct objectkilobytes/s

Alerts

There are no alerts configured by default for this integration.

Setup

Prerequisites

Install required packages

Install libmnl-dev and libnetfilter-acct-dev using the package manager of your system.

Configuration

File

The configuration file name for this integration is netdata.conf. Configuration for this specific integration is located in the [plugin:nfacct] section within that file.

The file format is a modified INI syntax. The general structure is:

[section1]
option1 = some value
option2 = some other value

[section2]
option3 = some third value

You can edit the configuration file using the edit-config script from the Netdata config directory.

cd /etc/netdata 2>/dev/null || cd /opt/netdata/etc/netdata
sudo ./edit-config netdata.conf

Options

Config options
NameDescriptionDefaultRequired
update everyData collection frequency.1no
command optionsAdditinal parameters for collectorno

Examples

There are no configuration examples.


Do you have any feedback for this page? If so, you can open a new issue on our netdata/learn repository.