After having researched the very same question yesterday, I found about
the following solution scenarios:
1. implement some bar graph indicators in the Web user interface
m0n0wall itself, such as the CPU indicator;
2. write an (non-Perl) exec script that is triggered by snmpd and
returns byte and packet counters after mangling the output of 'ipfw pipe
show', depending on the OID reveived by SNMP GET;
3. write an snmpd agent extension as documented in the ucd-snmp package
that reads ipfw counters directly and returns them to SNMP GET queries.
Actually, there is already a good basis that does exactly this for ipfw1
and ipfw2 from http://howto.aphroland.org/HOWTO/MRTG/IPFWCountersWithMRTG
Solution 3 appears to be the most elegant (run-time efficient, small
image footprint, ...), and also integrates well with all kind of
monitoring tools, such as 'cacti' of which I am an avid user.
Right now, I am building a fresh snmpd for 1.2b8 which includes the
ipfw2 MIB module from the above URL. After testing and maybe some
extension, I intend to publish generic-PC and wrap 1.2b8_rs1 images that
include this extended snmpd. Also, I might include some cacti config
files to complement it.
In the meantime, you may also want to look at my image 1.2b8_rs0 which
supports 'nProbe' to export NetFlows. Monitoring flows may also provide
you with precious insight into your traffic patterns, and the effect of
shaping using pipes and queues.
Please contact me if you already have experience with scenario 3. above
- maybe we can go a bit faster together and get some additional
parameters of m0n0wall accessible via SNMP.